github #222 addressed OAEP parameter setting, refactored KeyTransRecipientInfoGenerator to allow deprecation of sub class

author: David Hook <dgh@bouncycastle.org> 2021-05-24 13:06:31 +1000
committer: David Hook <dgh@bouncycastle.org> 2021-05-24 13:06:31 +1000
commit: 01238566c1d4b2a606e4859a75ad05ca79db4ffb (patch)
tree: ee7d1057d41cd25c3f0383b5d1ca2e213a976feb /crypto/test
parent: github#54 test for mixed mode definition (diff)
download: BouncyCastle.NET-ed25519-01238566c1d4b2a606e4859a75ad05ca79db4ffb.tar.xz
2 files changed, 135 insertions, 2 deletions
diff --git a/crypto/test/src/cms/test/EnvelopedDataTest.cs b/crypto/test/src/cms/test/EnvelopedDataTest.cs
index be588ef42..04e75f623 100644
--- a/crypto/test/src/cms/test/EnvelopedDataTest.cs
+++ b/crypto/test/src/cms/test/EnvelopedDataTest.cs
@@ -9,9 +9,12 @@ using Org.BouncyCastle.Asn1.Nist;
 using Org.BouncyCastle.Asn1.Ntt;
 using Org.BouncyCastle.Asn1.Oiw;
 using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.Cms;
 using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Operators;
 using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Operators;
 using Org.BouncyCastle.Security;
 using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.Utilities.Encoders;
@@ -241,7 +244,8 @@ namespace Org.BouncyCastle.Cms.Tests
 
 			CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
 
-			edGen.AddKeyTransRecipient(ReciCert);
+			edGen.AddRecipientInfoGenerator(new KeyTransRecipientInfoGenerator(ReciCert,
+				new Asn1KeyWrapper("RSA/ECB/PKCS1Padding", ReciCert)));
 
 			CmsEnvelopedData ed = edGen.Generate(
 				new CmsProcessableByteArray(data),
@@ -322,6 +326,135 @@ namespace Org.BouncyCastle.Cms.Tests
 		}
 
 		[Test]
+		public void TestKeyTransSmallAesUsingAoep()
+		{
+			byte[] data = new byte[] { 0, 1, 2, 3 };
+
+			CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
+
+			edGen.AddRecipientInfoGenerator(new KeyTransRecipientInfoGenerator(ReciCert, 
+				new Asn1KeyWrapper("RSA/None/OAEPwithSHA256andMGF1withSHA1Padding", ReciCert)));
+
+			CmsEnvelopedData ed = edGen.Generate(
+				new CmsProcessableByteArray(data),
+				CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+			Assert.AreEqual(ed.EncryptionAlgOid,
+				CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				byte[] recData = recipient.GetContent(ReciKP.Private);
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+			}
+		}
+
+		[Test]
+		public void TestKeyTransSmallAesUsingAoepMixed()
+		{
+			byte[] data = new byte[] { 0, 1, 2, 3 };
+
+			CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
+
+			edGen.AddRecipientInfoGenerator(new KeyTransRecipientInfoGenerator(ReciCert, new Asn1KeyWrapper("RSA/None/OAEPwithSHA256andMGF1withSHA1Padding", ReciCert)));
+
+			CmsEnvelopedData ed = edGen.Generate(
+				new CmsProcessableByteArray(data),
+				CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+			Assert.AreEqual(ed.EncryptionAlgOid,
+				CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				byte[] recData = recipient.GetContent(ReciKP.Private);
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+			}
+		}
+
+		[Test]
+		public void TestKeyTransSmallAesUsingAoepMixedParams()
+		{
+			byte[] data = new byte[] { 0, 1, 2, 3 };
+
+			CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
+
+			edGen.AddRecipientInfoGenerator(
+				new KeyTransRecipientInfoGenerator(
+					ReciCert, 
+					new Asn1KeyWrapper(
+						PkcsObjectIdentifiers.IdRsaesOaep, 
+						new RsaesOaepParameters(
+							new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance),
+							new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance))),
+								ReciCert)));
+
+			CmsEnvelopedData ed = edGen.Generate(
+				new CmsProcessableByteArray(data),
+				CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+			Assert.AreEqual(ed.EncryptionAlgOid,
+				CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				byte[] recData = recipient.GetContent(ReciKP.Private);
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+			}
+		}
+
+		[Test]
+		public void TestKeyTransSmallAesUsingPkcs1()
+		{
+			byte[] data = new byte[] { 0, 1, 2, 3 };
+
+			CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator();
+
+			edGen.AddRecipientInfoGenerator(
+				new KeyTransRecipientInfoGenerator(
+					ReciCert,
+					new Asn1KeyWrapper(
+						PkcsObjectIdentifiers.RsaEncryption, ReciCert)));
+
+			CmsEnvelopedData ed = edGen.Generate(
+				new CmsProcessableByteArray(data),
+				CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			RecipientInformationStore recipients = ed.GetRecipientInfos();
+
+			Assert.AreEqual(ed.EncryptionAlgOid,
+				CmsEnvelopedDataGenerator.Aes128Cbc);
+
+			ICollection c = recipients.GetRecipients();
+
+			Assert.AreEqual(1, c.Count);
+
+			foreach (RecipientInformation recipient in c)
+			{
+				byte[] recData = recipient.GetContent(ReciKP.Private);
+				Assert.IsTrue(Arrays.AreEqual(data, recData));
+			}
+		}
+
+		[Test]
 		public void TestKeyTransCast5()
 		{
 			TryKeyTrans(CmsEnvelopedDataGenerator.Cast5Cbc,
diff --git a/crypto/test/src/crmf/test/CrmfTest.cs b/crypto/test/src/crmf/test/CrmfTest.cs
index 8211fe1c4..3e5251d18 100644
--- a/crypto/test/src/crmf/test/CrmfTest.cs
+++ b/crypto/test/src/crmf/test/CrmfTest.cs
@@ -110,7 +110,7 @@ namespace Org.BouncyCastle.Crmf.Tests
            
             certificateRequestMessageBuilder.AddControl(
                 new PkiArchiveControlBuilder(privateInfo, new GeneralName(new X509Name("CN=Test")))
-                    .AddRecipientGenerator(new CmsKeyTransRecipientInfoGenerator(cert, new Asn1KeyWrapper("RSA/None/OAEPwithSHA256andMGF1Padding", cert)))
+                    .AddRecipientGenerator(new KeyTransRecipientInfoGenerator(cert, new Asn1KeyWrapper("RSA/None/OAEPwithSHA256andMGF1Padding", cert)))
                     .Build(new CmsContentEncryptorBuilder(NistObjectIdentifiers.IdAes128Cbc).Build())
             );
author	David Hook <dgh@bouncycastle.org>	2021-05-24 13:06:31 +1000
committer	David Hook <dgh@bouncycastle.org>	2021-05-24 13:06:31 +1000
commit	01238566c1d4b2a606e4859a75ad05ca79db4ffb (patch)
tree	ee7d1057d41cd25c3f0383b5d1ca2e213a976feb /crypto/test
parent	github#54 test for mixed mode definition (diff)
download	BouncyCastle.NET-ed25519-01238566c1d4b2a606e4859a75ad05ca79db4ffb.tar.xz