author | Peter Dettman <peter.dettman@gmail.com> | 2022-06-22 14:25:40 +0700 |
---|---|---|
committer | Peter Dettman <peter.dettman@gmail.com> | 2022-06-22 14:25:40 +0700 |
commit | d2c5b877bf9dad0ef9b393af2c17a6445780f0c4 (patch) | |
tree | b95ffdebbb8dcfc175530d9281baa1b77b035e9b /crypto | |
parent | ObsoleteAttribute cleanup (diff) | |
download | BouncyCastle.NET-ed25519-d2c5b877bf9dad0ef9b393af2c17a6445780f0c4.tar.xz |
ObsoleteAttribute cleanup
Diffstat (limited to 'crypto')
24 files changed, 176 insertions, 605 deletions
diff --git a/crypto/src/math/ec/ECCurve.cs b/crypto/src/math/ec/ECCurve.cs index c0e27a449..52d634cd2 100644 --- a/crypto/src/math/ec/ECCurve.cs +++ b/crypto/src/math/ec/ECCurve.cs @@ -721,13 +721,8 @@ namespace Org.BouncyCastle.Math.EC this.m_coord = FP_DEFAULT_COORDS; } - [Obsolete("Use constructor taking order/cofactor")] - protected FpCurve(BigInteger q, BigInteger r, ECFieldElement a, ECFieldElement b) - : this(q, r, a, b, null, null) - { - } - - protected FpCurve(BigInteger q, BigInteger r, ECFieldElement a, ECFieldElement b, BigInteger order, BigInteger cofactor) + internal FpCurve(BigInteger q, BigInteger r, ECFieldElement a, ECFieldElement b, BigInteger order, + BigInteger cofactor) : base(q) { this.m_q = q; @@ -777,6 +772,9 @@ namespace Org.BouncyCastle.Math.EC public override ECFieldElement FromBigInteger(BigInteger x) { + if (x == null || x.SignValue < 0 || x.CompareTo(m_q) >= 0) + throw new ArgumentException("value invalid for Fp field element", "x"); + return new FpFieldElement(this.m_q, this.m_r, x); } @@ -873,32 +871,11 @@ namespace Org.BouncyCastle.Math.EC private static IFiniteField BuildField(int m, int k1, int k2, int k3) { - if (k1 == 0) - { - throw new ArgumentException("k1 must be > 0"); - } - - if (k2 == 0) - { - if (k3 != 0) - { - throw new ArgumentException("k3 must be 0 if k2 == 0"); - } - - return FiniteFields.GetBinaryExtensionField(new int[]{ 0, k1, m }); - } - - if (k2 <= k1) - { - throw new ArgumentException("k2 must be > k1"); - } - - if (k3 <= k2) - { - throw new ArgumentException("k3 must be > k2"); - } + int[] exponents = (k2 | k3) == 0 + ? new int[]{ 0, k1, m } + : new int[]{ 0, k1, k2, k3, m }; - return FiniteFields.GetBinaryExtensionField(new int[]{ 0, k1, k2, k3, m }); + return FiniteFields.GetBinaryExtensionField(exponents); } protected AbstractF2mCurve(int m, int k1, int k2, int k3) 
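Review bot: In BuildField (the -873 hunk), validation of k1/k2/k3 is now implicit. `(k2 | k3) == 0` selects the trinomial form, and every other combination, including k2 == 0 with k3 != 0, is passed on as `{ 0, k1, k2, k3, m }`. Whether a malformed array is rejected depends on FiniteFields.GetBinaryExtensionField, whose body is not part of this diff, so the removed `k2 > k1` / `k3 > k2` guarantees should be confirmed there. If it does enforce strictly increasing exponents, say so at the call: `// exponent ordering is validated by GetBinaryExtensionField`. The F2mCurve constructor hunk at -1272 drops its own copy of these checks and presumably relies on the same path through `base(m, k1, k2, k3)`.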
@@ -1253,15 +1230,8 @@ namespace Org.BouncyCastle.Math.EC * @param cofactor The cofactor of the elliptic curve, i.e. * <code>#E<sub>a</sub>(F<sub>2<sup>m</sup></sub>) = h * n</code>. */ - public F2mCurve( - int m, - int k1, - int k2, - int k3, - BigInteger a, - BigInteger b, - BigInteger order, - BigInteger cofactor) + public F2mCurve(int m, int k1, int k2, int k3, BigInteger a, BigInteger b, BigInteger order, + BigInteger cofactor) : base(m, k1, k2, k3) { this.m = m; @@ -1272,29 +1242,13 @@ namespace Org.BouncyCastle.Math.EC this.m_cofactor = cofactor; this.m_infinity = new F2mPoint(this, null, null); - if (k1 == 0) - throw new ArgumentException("k1 must be > 0"); - - if (k2 == 0) - { - if (k3 != 0) - throw new ArgumentException("k3 must be 0 if k2 == 0"); - } - else - { - if (k2 <= k1) - throw new ArgumentException("k2 must be > k1"); - - if (k3 <= k2) - throw new ArgumentException("k3 must be > k2"); - } - this.m_a = FromBigInteger(a); this.m_b = FromBigInteger(b); this.m_coord = F2M_DEFAULT_COORDS; } - protected F2mCurve(int m, int k1, int k2, int k3, ECFieldElement a, ECFieldElement b, BigInteger order, BigInteger cofactor) + internal F2mCurve(int m, int k1, int k2, int k3, ECFieldElement a, ECFieldElement b, BigInteger order, + BigInteger cofactor) : base(m, k1, k2, k3) { this.m = m; @@ -1303,8 +1257,8 @@ namespace Org.BouncyCastle.Math.EC this.k3 = k3; this.m_order = order; this.m_cofactor = cofactor; - this.m_infinity = new F2mPoint(this, null, null); + this.m_a = a; this.m_b = b; this.m_coord = F2M_DEFAULT_COORDS; 
@@ -1345,7 +1299,14 @@ namespace Org.BouncyCastle.Math.EC public override ECFieldElement FromBigInteger(BigInteger x) { - return new F2mFieldElement(this.m, this.k1, this.k2, this.k3, x); + if (x == null || x.SignValue < 0 || x.BitLength > m) + throw new ArgumentException("value invalid for F2m field element", "x"); + + int[] ks = (k2 | k3) == 0 + ? new int[]{ k1 } + : new int[]{ k1, k2, k3 }; + + return new F2mFieldElement(m, ks, new LongArray(x)); } protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y) @@ -1470,7 +1431,9 @@ namespace Org.BouncyCastle.Math.EC private ECPoint CreatePoint(long[] x, long[] y) { int m = m_outer.m; - int[] ks = m_outer.IsTrinomial() ? new int[] { m_outer.k1 } : new int[] { m_outer.k1, m_outer.k2, m_outer.k3 }; + int[] ks = m_outer.IsTrinomial() + ? new int[]{ m_outer.k1 } + : new int[]{ m_outer.k1, m_outer.k2, m_outer.k3 }; ECFieldElement X = new F2mFieldElement(m, ks, new LongArray(x)); ECFieldElement Y = new F2mFieldElement(m, ks, new LongArray(y)); diff --git a/crypto/src/math/ec/ECFieldElement.cs b/crypto/src/math/ec/ECFieldElement.cs index ed530b6b7..774dfb9f1 100644 --- a/crypto/src/math/ec/ECFieldElement.cs +++ b/crypto/src/math/ec/ECFieldElement.cs @@ -128,17 +128,8 @@ namespace Org.BouncyCastle.Math.EC return null; } - [Obsolete("Use ECCurve.FromBigInteger to construct field elements")] - public FpFieldElement(BigInteger q, BigInteger x) - : this(q, CalculateResidue(q), x) - { - } - internal FpFieldElement(BigInteger q, BigInteger r, BigInteger x) { - if (x == null || x.SignValue < 0 || x.CompareTo(q) >= 0) - throw new ArgumentException("value invalid in Fp field element", "x"); - this.q = q; this.r = r; this.x = x; 
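Review bot: The trinomial test in F2mCurve.FromBigInteger is written `(k2 | k3) == 0`, while CreatePoint in the -1470 hunk of the same file uses `m_outer.IsTrinomial()` to build the identical `ks` array. Using one spelling in both places, e.g. `int[] ks = IsTrinomial() ? new int[]{ k1 } : new int[]{ k1, k2, k3 };`, keeps the two paths from drifting apart. This assumes m_outer is the enclosing F2mCurve, which the hunk suggests but does not show. The range check on x matches the one deleted from the public F2mFieldElement constructor in the -649 hunk.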
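Review bot: The internal FpFieldElement(q, r, x) constructor no longer checks that x is non-null and in the range 0 <= x < q. In this diff the check appears only in FpCurve.FromBigInteger (the -777 hunk in ECCurve.cs), so every other in-assembly caller is trusted to pass a reduced value. The constructor should state that precondition, for example `// Precondition: 0 <= x < q; validated by FpCurve.FromBigInteger, not here`. Any internal call site that feeds it decoded or caller-supplied data deserves a look, since none are visible here. The same applies to the internal `F2mFieldElement(int m, int[] ks, LongArray x)` constructor left behind by the -649 hunk; the constructor body ends outside this hunk.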
@@ -649,71 +640,6 @@ namespace Org.BouncyCastle.Math.EC */ internal LongArray x; - /** - * Constructor for Ppb. - * @param m The exponent <code>m</code> of - * <code>F<sub>2<sup>m</sup></sub></code>. - * @param k1 The integer <code>k1</code> where <code>x<sup>m</sup> + - * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code> - * represents the reduction polynomial <code>f(z)</code>. - * @param k2 The integer <code>k2</code> where <code>x<sup>m</sup> + - * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code> - * represents the reduction polynomial <code>f(z)</code>. - * @param k3 The integer <code>k3</code> where <code>x<sup>m</sup> + - * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code> - * represents the reduction polynomial <code>f(z)</code>. - * @param x The BigInteger representing the value of the field element. - */ - [Obsolete("Use ECCurve.FromBigInteger to construct field elements")] - public F2mFieldElement( - int m, - int k1, - int k2, - int k3, - BigInteger x) - { - if (x == null || x.SignValue < 0 || x.BitLength > m) - throw new ArgumentException("value invalid in F2m field element", "x"); - - if ((k2 == 0) && (k3 == 0)) - { - this.representation = Tpb; - this.ks = new int[] { k1 }; - } - else - { - if (k2 >= k3) - throw new ArgumentException("k2 must be smaller than k3"); - if (k2 <= 0) - throw new ArgumentException("k2 must be larger than 0"); - - this.representation = Ppb; - this.ks = new int[] { k1, k2, k3 }; - } - - this.m = m; - this.x = new LongArray(x); - } - - /** - * Constructor for Tpb. - * @param m The exponent <code>m</code> of - * <code>F<sub>2<sup>m</sup></sub></code>. - * @param k The integer <code>k</code> where <code>x<sup>m</sup> + - * x<sup>k</sup> + 1</code> represents the reduction - * polynomial <code>f(z)</code>. - * @param x The BigInteger representing the value of the field element. 
- */ - [Obsolete("Use ECCurve.FromBigInteger to construct field elements")] - public F2mFieldElement( - int m, - int k, - BigInteger x) - : this(m, k, 0, 0, x) - { - // Set k1 to k, and set k2 and k3 to 0 - } - internal F2mFieldElement(int m, int[] ks, LongArray x) { this.m = m; diff --git a/crypto/src/pkcs/PKCS12StoreBuilder.cs b/crypto/src/pkcs/PKCS12StoreBuilder.cs index b61a9ea63..50d927af7 100644 --- a/crypto/src/pkcs/PKCS12StoreBuilder.cs +++ b/crypto/src/pkcs/PKCS12StoreBuilder.cs @@ -10,7 +10,6 @@ namespace Org.BouncyCastle.Pkcs private DerObjectIdentifier keyAlgorithm = PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc; private DerObjectIdentifier certAlgorithm = PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc; private DerObjectIdentifier keyPrfAlgorithm = null; - private DerObjectIdentifier certPrfAlgorithm = null; private bool useDerEncoding = false; public Pkcs12StoreBuilder() @@ -19,7 +18,7 @@ namespace Org.BouncyCastle.Pkcs public Pkcs12Store Build() { - return new Pkcs12Store(keyAlgorithm, keyPrfAlgorithm, certAlgorithm, certPrfAlgorithm, useDerEncoding); + return new Pkcs12Store(keyAlgorithm, keyPrfAlgorithm, certAlgorithm, useDerEncoding); } public Pkcs12StoreBuilder SetCertAlgorithm(DerObjectIdentifier certAlgorithm) diff --git a/crypto/src/pkcs/Pkcs12Store.cs b/crypto/src/pkcs/Pkcs12Store.cs index 1e951ace5..d09b8828f 100644 --- a/crypto/src/pkcs/Pkcs12Store.cs +++ b/crypto/src/pkcs/Pkcs12Store.cs @@ -29,7 +29,6 @@ namespace Org.BouncyCastle.Pkcs private readonly DerObjectIdentifier keyAlgorithm; private readonly DerObjectIdentifier keyPrfAlgorithm; private readonly DerObjectIdentifier certAlgorithm; - private readonly DerObjectIdentifier certPrfAlgorithm; private readonly bool useDerEncoding; private AsymmetricKeyEntry unmarkedKeyEntry = null; 
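Review bot: With certPrfAlgorithm removed from Pkcs12StoreBuilder, Build() passes no PRF for certificate bags, and the default on the context line above is still `PbewithShaAnd40BitRC2Cbc`. The removed field was only ever null in the lines shown, so behaviour looks unchanged, but as far as these hunks show the weak 40-bit default is now the only certificate protection a reader sees. A comment on the certAlgorithm field would make that explicit, e.g. `// weak default (40-bit RC2); override via SetCertAlgorithm`. The class body continues outside both hunks.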
@@ -85,50 +84,15 @@ namespace Org.BouncyCastle.Pkcs } } - internal Pkcs12Store( - DerObjectIdentifier keyAlgorithm, - DerObjectIdentifier certAlgorithm, - bool useDerEncoding) - { - this.keyAlgorithm = keyAlgorithm; - this.keyPrfAlgorithm = null; - this.certAlgorithm = certAlgorithm; - this.certPrfAlgorithm = null; - this.useDerEncoding = useDerEncoding; - } - - internal Pkcs12Store( - DerObjectIdentifier keyAlgorithm, - DerObjectIdentifier keyPrfAlgorithm, - DerObjectIdentifier certAlgorithm, - DerObjectIdentifier certPrfAlgorithm, - bool useDerEncoding) + internal Pkcs12Store(DerObjectIdentifier keyAlgorithm, DerObjectIdentifier keyPrfAlgorithm, + DerObjectIdentifier certAlgorithm, bool useDerEncoding) { this.keyAlgorithm = keyAlgorithm; this.keyPrfAlgorithm = keyPrfAlgorithm; this.certAlgorithm = certAlgorithm; - this.certPrfAlgorithm = certPrfAlgorithm; this.useDerEncoding = useDerEncoding; } - // TODO Consider making obsolete - // [Obsolete("Use 'Pkcs12StoreBuilder' instead")] - public Pkcs12Store() - : this(PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc, - PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc, false) - { - } - - // TODO Consider making obsolete -// [Obsolete("Use 'Pkcs12StoreBuilder' and 'Load' method instead")] - public Pkcs12Store( - Stream input, - char[] password) - : this() - { - Load(input, password); - } - protected virtual void LoadKeyBag(PrivateKeyInfo privKeyInfo, Asn1Set bagAttributes) { AsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(privKeyInfo); diff --git a/crypto/src/security/SignerUtilities.cs b/crypto/src/security/SignerUtilities.cs index 8a289897e..b3a49dea8 100644 --- a/crypto/src/security/SignerUtilities.cs +++ b/crypto/src/security/SignerUtilities.cs 
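Review bot: The two public constructors deleted here, `Pkcs12Store()` and `Pkcs12Store(Stream, char[])`, never carried an active [Obsolete] attribute; it was commented out under a TODO. Callers therefore get a compile break with no prior deprecation warning. Since the surviving constructor is internal, Pkcs12StoreBuilder becomes the only way to obtain a store from outside the assembly. The commit message or release notes should name the replacement, i.e. `new Pkcs12StoreBuilder().Build()` followed by `Load(input, password)`.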
@@ -690,7 +690,7 @@ namespace Org.BouncyCastle.Security public static ISigner InitSigner(string algorithm, bool forSigning, AsymmetricKeyParameter privateKey, SecureRandom random) { - ISigner signer = SignerUtilities.GetSigner(algorithm); + ISigner signer = GetSigner(algorithm); signer.Init(forSigning, ParameterUtilities.WithRandom(privateKey, random)); return signer; } diff --git a/crypto/src/x509/X509V1CertificateGenerator.cs b/crypto/src/x509/X509V1CertificateGenerator.cs index c571d2525..99543778b 100644 --- a/crypto/src/x509/X509V1CertificateGenerator.cs +++ b/crypto/src/x509/X509V1CertificateGenerator.cs @@ -4,9 +4,7 @@ using System.Collections; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Math; -using Org.BouncyCastle.Security; using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.X509 @@ -16,10 +14,7 @@ namespace Org.BouncyCastle.X509 /// </summary> public class X509V1CertificateGenerator { - private V1TbsCertificateGenerator tbsGen; - private DerObjectIdentifier sigOID; - private AlgorithmIdentifier sigAlgId; - private string signatureAlgorithm; + private V1TbsCertificateGenerator tbsGen; /// <summary> /// Default Constructor. 
@@ -115,68 +110,17 @@ namespace Org.BouncyCastle.X509 } /// <summary> - /// Set the signature algorithm that will be used to sign this certificate. - /// This can be either a name or an OID, names are treated as case insensitive. - /// </summary> - /// <param name="signatureAlgorithm">string representation of the algorithm name</param> - [Obsolete("Not needed if Generate used with an ISignatureFactory")] - public void SetSignatureAlgorithm( - string signatureAlgorithm) - { - this.signatureAlgorithm = signatureAlgorithm; - - try - { - sigOID = X509Utilities.GetAlgorithmOid(signatureAlgorithm); - } - catch (Exception) - { - throw new ArgumentException("Unknown signature type requested", "signatureAlgorithm"); - } - - sigAlgId = X509Utilities.GetSigAlgID(sigOID, signatureAlgorithm); - - tbsGen.SetSignature(sigAlgId); - } - - /// <summary> - /// Generate a new X509Certificate. - /// </summary> - /// <param name="privateKey">The private key of the issuer used to sign this certificate.</param> - /// <returns>An X509Certificate.</returns> - [Obsolete("Use Generate with an ISignatureFactory")] - public X509Certificate Generate( - AsymmetricKeyParameter privateKey) - { - return Generate(privateKey, null); - } - - /// <summary> - /// Generate a new X509Certificate specifying a SecureRandom instance that you would like to use. - /// </summary> - /// <param name="privateKey">The private key of the issuer used to sign this certificate.</param> - /// <param name="random">The Secure Random you want to use.</param> - /// <returns>An X509Certificate.</returns> - [Obsolete("Use Generate with an ISignatureFactory")] - public X509Certificate Generate( - AsymmetricKeyParameter privateKey, - SecureRandom random) - { - return Generate(new Asn1SignatureFactory(signatureAlgorithm, privateKey, random)); - } - - /// <summary> /// Generate a new X509Certificate using the passed in SignatureCalculator. 
/// </summary> - /// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param> + /// <param name="signatureFactory">A signature calculator factory with the necessary algorithm details.</param> /// <returns>An X509Certificate.</returns> - public X509Certificate Generate(ISignatureFactory signatureCalculatorFactory) + public X509Certificate Generate(ISignatureFactory signatureFactory) { - tbsGen.SetSignature ((AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails); + tbsGen.SetSignature((AlgorithmIdentifier)signatureFactory.AlgorithmDetails); TbsCertificateStructure tbsCert = tbsGen.GenerateTbsCertificate(); - IStreamCalculator streamCalculator = signatureCalculatorFactory.CreateCalculator(); + IStreamCalculator streamCalculator = signatureFactory.CreateCalculator(); byte[] encoded = tbsCert.GetDerEncoded(); @@ -184,7 +128,8 @@ namespace Org.BouncyCastle.X509 Platform.Dispose(streamCalculator.Stream); - return GenerateJcaObject(tbsCert, (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails, ((IBlockResult)streamCalculator.GetResult()).Collect()); + return GenerateJcaObject(tbsCert, (AlgorithmIdentifier)signatureFactory.AlgorithmDetails, + ((IBlockResult)streamCalculator.GetResult()).Collect()); } private X509Certificate GenerateJcaObject( diff --git a/crypto/src/x509/X509V2AttributeCertificateGenerator.cs b/crypto/src/x509/X509V2AttributeCertificateGenerator.cs index f49eea63f..643604181 100644 --- a/crypto/src/x509/X509V2AttributeCertificateGenerator.cs +++ b/crypto/src/x509/X509V2AttributeCertificateGenerator.cs @@ -4,9 +4,7 @@ using System.Collections; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Math; -using Org.BouncyCastle.Security; using Org.BouncyCastle.Security.Certificates; using Org.BouncyCastle.Utilities; 
@@ -17,10 +15,7 @@ namespace Org.BouncyCastle.X509 { private readonly X509ExtensionsGenerator extGenerator = new X509ExtensionsGenerator(); - private V2AttributeCertificateInfoGenerator acInfoGen; - private DerObjectIdentifier sigOID; - private AlgorithmIdentifier sigAlgId; - private string signatureAlgorithm; + private V2AttributeCertificateInfoGenerator acInfoGen; public X509V2AttributeCertificateGenerator() { @@ -67,31 +62,6 @@ namespace Org.BouncyCastle.X509 acInfoGen.SetEndDate(new DerGeneralizedTime(date)); } - /// <summary> - /// Set the signature algorithm. This can be either a name or an OID, names - /// are treated as case insensitive. - /// </summary> - /// <param name="signatureAlgorithm">The algorithm name.</param> - [Obsolete("Not needed if Generate used with an ISignatureFactory")] - public void SetSignatureAlgorithm( - string signatureAlgorithm) - { - this.signatureAlgorithm = signatureAlgorithm; - - try - { - sigOID = X509Utilities.GetAlgorithmOid(signatureAlgorithm); - } - catch (Exception) - { - throw new ArgumentException("Unknown signature type requested"); - } - - sigAlgId = X509Utilities.GetSigAlgID(sigOID, signatureAlgorithm); - - acInfoGen.SetSignature(sigAlgId); - } - /// <summary>Add an attribute.</summary> public void AddAttribute( X509Attribute attribute) 
@@ -130,28 +100,6 @@ namespace Org.BouncyCastle.X509 } /// <summary> - /// Generate an X509 certificate, based on the current issuer and subject. - /// </summary> - [Obsolete("Use Generate with an ISignatureFactory")] - public IX509AttributeCertificate Generate( - AsymmetricKeyParameter privateKey) - { - return Generate(privateKey, null); - } - - /// <summary> - /// Generate an X509 certificate, based on the current issuer and subject, - /// using the supplied source of randomness, if required. - /// </summary> - [Obsolete("Use Generate with an ISignatureFactory")] - public IX509AttributeCertificate Generate( - AsymmetricKeyParameter privateKey, - SecureRandom random) - { - return Generate(new Asn1SignatureFactory(signatureAlgorithm, privateKey, random)); - } - - /// <summary> /// Generate a new X.509 Attribute Certificate using the passed in SignatureCalculator. /// </summary> /// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param> diff --git a/crypto/src/x509/X509V2CRLGenerator.cs b/crypto/src/x509/X509V2CRLGenerator.cs index d16178ffa..ba5c7de2d 100644 --- a/crypto/src/x509/X509V2CRLGenerator.cs +++ b/crypto/src/x509/X509V2CRLGenerator.cs @@ -21,10 +21,7 @@ namespace Org.BouncyCastle.X509 { private readonly X509ExtensionsGenerator extGenerator = new X509ExtensionsGenerator(); - private V2TbsCertListGenerator tbsGen; - private DerObjectIdentifier sigOID; - private AlgorithmIdentifier sigAlgId; - private string signatureAlgorithm; + private V2TbsCertListGenerator tbsGen; public X509V2CrlGenerator() { 
@@ -130,30 +127,6 @@ namespace Org.BouncyCastle.X509 } } - /// <summary> - /// Set the signature algorithm that will be used to sign this CRL. - /// </summary> - /// <param name="signatureAlgorithm"/> - [Obsolete("Not needed if Generate used with an ISignatureFactory")] - public void SetSignatureAlgorithm( - string signatureAlgorithm) - { - this.signatureAlgorithm = signatureAlgorithm; - - try - { - sigOID = X509Utilities.GetAlgorithmOid(signatureAlgorithm); - } - catch (Exception e) - { - throw new ArgumentException("Unknown signature type requested", e); - } - - sigAlgId = X509Utilities.GetSigAlgID(sigOID, signatureAlgorithm); - - tbsGen.SetSignature(sigAlgId); - } - /** * add a given extension field for the standard extensions tag (tag 0) */ 
@@ -199,32 +172,6 @@ namespace Org.BouncyCastle.X509 } /// <summary> - /// Generate an X.509 CRL, based on the current issuer and subject. - /// </summary> - /// <param name="privateKey">The private key of the issuer that is signing this certificate.</param> - /// <returns>An X509Crl.</returns> - [Obsolete("Use Generate with an ISignatureFactory")] - public X509Crl Generate( - AsymmetricKeyParameter privateKey) - { - return Generate(privateKey, null); - } - - /// <summary> - /// Generate an X.509 CRL, based on the current issuer and subject using the specified secure random. - /// </summary> - /// <param name="privateKey">The private key of the issuer that is signing this certificate.</param> - /// <param name="random">Your Secure Random instance.</param> - /// <returns>An X509Crl.</returns> - [Obsolete("Use Generate with an ISignatureFactory")] - public X509Crl Generate( - AsymmetricKeyParameter privateKey, - SecureRandom random) - { - return Generate(new Asn1SignatureFactory(signatureAlgorithm, privateKey, random)); - } - - /// <summary> /// Generate a new X509Crl using the passed in SignatureCalculator. /// </summary> /// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param> diff --git a/crypto/src/x509/X509V3CertificateGenerator.cs b/crypto/src/x509/X509V3CertificateGenerator.cs index bc619c37b..47e58ddb5 100644 --- a/crypto/src/x509/X509V3CertificateGenerator.cs +++ b/crypto/src/x509/X509V3CertificateGenerator.cs @@ -20,10 +20,7 @@ namespace Org.BouncyCastle.X509 { private readonly X509ExtensionsGenerator extGenerator = new X509ExtensionsGenerator(); - private V3TbsCertificateGenerator tbsGen; - private DerObjectIdentifier sigOid; - private AlgorithmIdentifier sigAlgId; - private string signatureAlgorithm; + private V3TbsCertificateGenerator tbsGen; public X509V3CertificateGenerator() { 
@@ -108,30 +105,6 @@ namespace Org.BouncyCastle.X509 } /// <summary> - /// Set the signature algorithm that will be used to sign this certificate. - /// </summary> - /// <param name="signatureAlgorithm"/> - [Obsolete("Not needed if Generate used with an ISignatureFactory")] - public void SetSignatureAlgorithm( - string signatureAlgorithm) - { - this.signatureAlgorithm = signatureAlgorithm; - - try - { - sigOid = X509Utilities.GetAlgorithmOid(signatureAlgorithm); - } - catch (Exception) - { - throw new ArgumentException("Unknown signature type requested: " + signatureAlgorithm); - } - - sigAlgId = X509Utilities.GetSigAlgID(sigOid, signatureAlgorithm); - - tbsGen.SetSignature(sigAlgId); - } - - /// <summary> /// Set the subject unique ID - note: it is very rare that it is correct to do this. /// </summary> /// <param name="uniqueID"/> 
@@ -272,32 +245,6 @@ namespace Org.BouncyCastle.X509 } /// <summary> - /// Generate an X509Certificate. - /// </summary> - /// <param name="privateKey">The private key of the issuer that is signing this certificate.</param> - /// <returns>An X509Certificate.</returns> - [Obsolete("Use Generate with an ISignatureFactory")] - public X509Certificate Generate( - AsymmetricKeyParameter privateKey) - { - return Generate(privateKey, null); - } - - /// <summary> - /// Generate an X509Certificate using your own SecureRandom. - /// </summary> - /// <param name="privateKey">The private key of the issuer that is signing this certificate.</param> - /// <param name="random">You Secure Random instance.</param> - /// <returns>An X509Certificate.</returns> - [Obsolete("Use Generate with an ISignatureFactory")] - public X509Certificate Generate( - AsymmetricKeyParameter privateKey, - SecureRandom random) - { - return Generate(new Asn1SignatureFactory(signatureAlgorithm, privateKey, random)); - } - - /// <summary> /// Generate a new X509Certificate using the passed in SignatureCalculator. /// </summary> /// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param> diff --git a/crypto/test/src/cmp/test/ProtectedMessageTest.cs b/crypto/test/src/cmp/test/ProtectedMessageTest.cs index 22e4b1c85..d28984af6 100644 --- a/crypto/test/src/cmp/test/ProtectedMessageTest.cs +++ b/crypto/test/src/cmp/test/ProtectedMessageTest.cs @@ -402,9 +402,8 @@ namespace Org.BouncyCastle.Cmp.Tests } certGen.SetPublicKey(PublicKey); - certGen.SetSignatureAlgorithm(SignatureAlgorithm); - return certGen.Generate(privateKey); + return certGen.Generate(new Asn1SignatureFactory(SignatureAlgorithm, privateKey, null)); } } } diff --git a/crypto/test/src/cms/test/CMSTestUtil.cs b/crypto/test/src/cms/test/CMSTestUtil.cs index ca94959d7..242d7e8cf 100644 --- a/crypto/test/src/cms/test/CMSTestUtil.cs +++ b/crypto/test/src/cms/test/CMSTestUtil.cs 
@@ -6,6 +6,7 @@ using System.Text; using Org.BouncyCastle.Asn1.CryptoPro; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Security; @@ -19,7 +20,8 @@ namespace Org.BouncyCastle.Cms.Tests { public class CmsTestUtil { - public static SecureRandom rand; + public static readonly SecureRandom Random = new SecureRandom(); + private static IAsymmetricCipherKeyPairGenerator kpg; private static IAsymmetricCipherKeyPairGenerator gostKpg; private static IAsymmetricCipherKeyPairGenerator dsaKpg; @@ -85,7 +87,7 @@ namespace Org.BouncyCastle.Cms.Tests { kpg = GeneratorUtilities.GetKeyPairGenerator("RSA"); kpg.Init(new RsaKeyGenerationParameters( - BigInteger.ValueOf(17), rand, 1024, 25)); + BigInteger.ValueOf(17), Random, 1024, 25)); } return kpg; @@ -101,7 +103,7 @@ namespace Org.BouncyCastle.Cms.Tests gostKpg = GeneratorUtilities.GetKeyPairGenerator("GOST3410"); gostKpg.Init( new Gost3410KeyGenerationParameters( - rand, + Random, CryptoProObjectIdentifiers.GostR3410x94CryptoProA)); } @@ -120,7 +122,7 @@ namespace Org.BouncyCastle.Cms.Tests new BigInteger("1138656671590261728308283492178581223478058193247"), new BigInteger("4182906737723181805517018315469082619513954319976782448649747742951189003482834321192692620856488639629011570381138542789803819092529658402611668375788410")); dsaKpg = GeneratorUtilities.GetKeyPairGenerator("DSA"); - dsaKpg.Init(new DsaKeyGenerationParameters(rand, dsaSpec)); + dsaKpg.Init(new DsaKeyGenerationParameters(Random, dsaSpec)); } return dsaKpg; @@ -151,7 +153,7 @@ namespace Org.BouncyCastle.Cms.Tests if (ecDsaKpg == null) { ecDsaKpg = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); - ecDsaKpg.Init(new KeyGenerationParameters(rand, 239)); + ecDsaKpg.Init(new KeyGenerationParameters(Random, 239)); } return ecDsaKpg; 
@@ -162,25 +164,23 @@ namespace Org.BouncyCastle.Cms.Tests { try { - rand = new SecureRandom(); - aes192kg = GeneratorUtilities.GetKeyGenerator("AES"); - aes192kg.Init(new KeyGenerationParameters(rand, 192)); + aes192kg.Init(new KeyGenerationParameters(Random, 192)); desede128kg = GeneratorUtilities.GetKeyGenerator("DESEDE"); - desede128kg.Init(new KeyGenerationParameters(rand, 112)); + desede128kg.Init(new KeyGenerationParameters(Random, 112)); desede192kg = GeneratorUtilities.GetKeyGenerator("DESEDE"); - desede192kg.Init(new KeyGenerationParameters(rand, 168)); + desede192kg.Init(new KeyGenerationParameters(Random, 168)); rc240kg = GeneratorUtilities.GetKeyGenerator("RC2"); - rc240kg.Init(new KeyGenerationParameters(rand, 40)); + rc240kg.Init(new KeyGenerationParameters(Random, 40)); rc264kg = GeneratorUtilities.GetKeyGenerator("RC2"); - rc264kg.Init(new KeyGenerationParameters(rand, 64)); + rc264kg.Init(new KeyGenerationParameters(Random, 64)); rc2128kg = GeneratorUtilities.GetKeyGenerator("RC2"); - rc2128kg.Init(new KeyGenerationParameters(rand, 128)); + rc2128kg.Init(new KeyGenerationParameters(Random, 128)); aesKg = GeneratorUtilities.GetKeyGenerator("AES"); @@ -291,7 +291,7 @@ namespace Org.BouncyCastle.Cms.Tests public static KeyParameter MakeAesKey( int keySize) { - aesKg.Init(new KeyGenerationParameters(rand, keySize)); + aesKg.Init(new KeyGenerationParameters(Random, keySize)); return ParameterUtilities.CreateKeyParameter("AES", aesKg.GenerateKey()); } @@ -299,7 +299,7 @@ namespace Org.BouncyCastle.Cms.Tests public static KeyParameter MakeCamelliaKey( int keySize) { - camelliaKg.Init(new KeyGenerationParameters(rand, keySize)); + camelliaKg.Init(new KeyGenerationParameters(Random, keySize)); return ParameterUtilities.CreateKeyParameter("CAMELLIA", camelliaKg.GenerateKey()); } 
@@ -323,8 +323,10 @@ namespace Org.BouncyCastle.Cms.Tests AsymmetricKeyParameter issPriv = issKP.Private; AsymmetricKeyParameter issPub = issKP.Public; - X509V1CertificateGenerator v1CertGen = new X509V1CertificateGenerator(); + string signatureAlgorithm = GetSignatureAlgorithm(issPub); + ISignatureFactory signatureFactory = new Asn1SignatureFactory(signatureAlgorithm, issPriv, Random); + X509V1CertificateGenerator v1CertGen = new X509V1CertificateGenerator(); v1CertGen.Reset(); v1CertGen.SetSerialNumber(AllocateSerialNumber()); v1CertGen.SetIssuerDN(new X509Name(_issDN)); @@ -332,33 +334,7 @@ namespace Org.BouncyCastle.Cms.Tests v1CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100)); v1CertGen.SetSubjectDN(new X509Name(_subDN)); v1CertGen.SetPublicKey(subPub); - - if (issPub is RsaKeyParameters) - { - v1CertGen.SetSignatureAlgorithm("SHA1WithRSA"); - } - else if (issPub is DsaPublicKeyParameters) - { - v1CertGen.SetSignatureAlgorithm("SHA1withDSA"); - } - else if (issPub is ECPublicKeyParameters) - { - ECPublicKeyParameters ecPub = (ECPublicKeyParameters)issPub; - if (ecPub.AlgorithmName == "ECGOST3410") - { - v1CertGen.SetSignatureAlgorithm("GOST3411withECGOST3410"); - } - else - { - v1CertGen.SetSignatureAlgorithm("SHA1withECDSA"); - } - } - else - { - v1CertGen.SetSignatureAlgorithm("GOST3411WithGOST3410"); - } - - X509Certificate _cert = v1CertGen.Generate(issPriv); + X509Certificate _cert = v1CertGen.Generate(signatureFactory); _cert.CheckValidity(DateTime.UtcNow); _cert.Verify(issPub); 
@@ -374,8 +350,10 @@ namespace Org.BouncyCastle.Cms.Tests AsymmetricKeyParameter issPriv = issKP.Private; AsymmetricKeyParameter issPub = issKP.Public; - X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator(); + string signatureAlgorithm = GetSignatureAlgorithm(issPub); + ISignatureFactory signatureFactory = new Asn1SignatureFactory(signatureAlgorithm, issPriv, Random); + X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator(); v3CertGen.Reset(); v3CertGen.SetSerialNumber(AllocateSerialNumber()); v3CertGen.SetIssuerDN(new X509Name(_issDN)); @@ -384,27 +362,6 @@ namespace Org.BouncyCastle.Cms.Tests v3CertGen.SetSubjectDN(new X509Name(_subDN)); v3CertGen.SetPublicKey(subPub); - if (issPub is RsaKeyParameters) - { - v3CertGen.SetSignatureAlgorithm("SHA1WithRSA"); - } - else if (issPub is ECPublicKeyParameters) - { - ECPublicKeyParameters ecPub = (ECPublicKeyParameters) issPub; - if (ecPub.AlgorithmName == "ECGOST3410") - { - v3CertGen.SetSignatureAlgorithm("GOST3411withECGOST3410"); - } - else - { - v3CertGen.SetSignatureAlgorithm("SHA1withECDSA"); - } - } - else - { - v3CertGen.SetSignatureAlgorithm("GOST3411WithGOST3410"); - } - v3CertGen.AddExtension( X509Extensions.SubjectKeyIdentifier, false, @@ -420,7 +377,7 @@ namespace Org.BouncyCastle.Cms.Tests false, new BasicConstraints(_ca)); - X509Certificate _cert = v3CertGen.Generate(issPriv); + X509Certificate _cert = v3CertGen.Generate(signatureFactory); _cert.CheckValidity(); _cert.Verify(issPub); 
@@ -438,20 +395,36 @@ namespace Org.BouncyCastle.Cms.Tests crlGen.SetThisUpdate(now); crlGen.SetNextUpdate(now.AddSeconds(100)); - crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); crlGen.AddCrlEntry(BigInteger.One, now, CrlReason.PrivilegeWithdrawn); crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public)); - return crlGen.Generate(pair.Private); + return crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, null)); } - /* + /* * * INTERNAL METHODS * */ + + internal static string GetSignatureAlgorithm(AsymmetricKeyParameter publicKey) + { + if (publicKey is RsaKeyParameters) + return "SHA1WithRSA"; + + if (publicKey is DsaPublicKeyParameters) + return "SHA1withDSA"; + + if (publicKey is ECPublicKeyParameters ecPub) + { + return ecPub.AlgorithmName == "ECGOST3410" ? "GOST3411withECGOST3410" : "SHA1withECDSA"; + } + + return "GOST3411WithGOST3410"; + } + internal static IX509Store MakeAttrCertStore(params IX509AttributeCertificate[] attrCerts) { IList attrCertList = new ArrayList(); diff --git a/crypto/test/src/ocsp/test/OCSPTestUtil.cs b/crypto/test/src/ocsp/test/OCSPTestUtil.cs index 53b8f5bb9..c36c3163f 100644 --- a/crypto/test/src/ocsp/test/OCSPTestUtil.cs +++ b/crypto/test/src/ocsp/test/OCSPTestUtil.cs @@ -1,10 +1,8 @@ using System; -using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Asn1.X9; using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Security; 
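Review bot: GetSignatureAlgorithm falls through to `"GOST3411WithGOST3410"` for any key type it does not recognise. An unexpected key therefore gets a mismatched algorithm name and presumably fails later inside the signature factory rather than at the lookup. Testing the GOST key type explicitly and ending with `throw new ArgumentException("unsupported key type", "publicKey");` would fail at the source. Note also that the V3 path removed in the -374 hunk had no DSA branch, so DSA issuers there now resolve to `"SHA1withDSA"` instead of the GOST default; that looks intended, but it is a behaviour change worth a line in the commit message.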
@@ -98,7 +96,6 @@ namespace Org.BouncyCastle.Ocsp.Tests _v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100)); _v3CertGen.SetSubjectDN(new X509Name(_subDN)); _v3CertGen.SetPublicKey(_subPub); - _v3CertGen.SetSignatureAlgorithm(algorithm); _v3CertGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, createSubjectKeyId(_subPub)); @@ -109,9 +106,9 @@ namespace Org.BouncyCastle.Ocsp.Tests _v3CertGen.AddExtension(X509Extensions.BasicConstraints, false, new BasicConstraints(_ca)); - X509Certificate _cert = _v3CertGen.Generate(_issPriv); + X509Certificate _cert = _v3CertGen.Generate(new Asn1SignatureFactory(algorithm, _issPriv, null)); - _cert.CheckValidity(DateTime.UtcNow); + _cert.CheckValidity(DateTime.UtcNow); _cert.Verify(_issPub); return _cert; diff --git a/crypto/test/src/pkcs/examples/PKCS12Example.cs b/crypto/test/src/pkcs/examples/PKCS12Example.cs index 002e14c38..06247bc3f 100644 --- a/crypto/test/src/pkcs/examples/PKCS12Example.cs +++ b/crypto/test/src/pkcs/examples/PKCS12Example.cs @@ -6,10 +6,10 @@ using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Security; -using Org.BouncyCastle.Utilities.Date; using Org.BouncyCastle.X509; using Org.BouncyCastle.X509.Extension; @@ -26,9 +26,6 @@ namespace Org.BouncyCastle.Pkcs.Examples { private static readonly char[] passwd = "hello world".ToCharArray(); - private static readonly X509V1CertificateGenerator v1CertGen = new X509V1CertificateGenerator(); - private static readonly X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator(); - /** * we generate the CA's certificate */ 
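Review bot: The explicit `null` third argument in `new Asn1SignatureFactory(algorithm, _issPriv, null)` reads like a missing randomness source, and it is inconsistent with CmsTestUtil in this same commit, which passes `Random`. As far as I know a null random only makes the signer fall back to its own default SecureRandom, so this is a readability point rather than a weakness. The two-argument overload states the intent directly: `_v3CertGen.Generate(new Asn1SignatureFactory(algorithm, _issPriv))`. The same pattern recurs in the CRL hunk of CmsTestUtil and in most of the later hunks of this commit. The enclosing method starts outside the hunk.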
@@ -49,16 +46,16 @@ namespace Org.BouncyCastle.Pkcs.Examples // // create the certificate - version 1 // + ISignatureFactory signatureFactory = new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null); + X509V1CertificateGenerator v1CertGen = new X509V1CertificateGenerator(); v1CertGen.SetSerialNumber(BigInteger.One); v1CertGen.SetIssuerDN(new X509Name(issuer)); v1CertGen.SetNotBefore(DateTime.UtcNow.AddMonths(-1)); v1CertGen.SetNotAfter(DateTime.UtcNow.AddMonths(1)); v1CertGen.SetSubjectDN(new X509Name(subject)); v1CertGen.SetPublicKey(pubKey); - v1CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); - - X509Certificate cert = v1CertGen.Generate(privKey); + X509Certificate cert = v1CertGen.Generate(signatureFactory); cert.CheckValidity(DateTime.UtcNow); @@ -107,15 +104,13 @@ namespace Org.BouncyCastle.Pkcs.Examples // // create the certificate - version 3 // - v3CertGen.Reset(); - + X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator(); v3CertGen.SetSerialNumber(BigInteger.Two); v3CertGen.SetIssuerDN(PrincipalUtilities.GetSubjectX509Principal(caCert)); v3CertGen.SetNotBefore(DateTime.UtcNow.AddMonths(-1)); v3CertGen.SetNotAfter(DateTime.UtcNow.AddMonths(1)); v3CertGen.SetSubjectDN(new X509Name(order, attrs)); v3CertGen.SetPublicKey(pubKey); - v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); // // extensions @@ -135,7 +130,7 @@ namespace Org.BouncyCastle.Pkcs.Examples true, new BasicConstraints(0)); - X509Certificate cert = v3CertGen.Generate(caPrivKey); + X509Certificate cert = v3CertGen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", caPrivKey, null)); cert.CheckValidity(DateTime.UtcNow); 
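Review bot: The example still signs the version 1 certificate with `"SHA1WithRSAEncryption"` in the new `Asn1SignatureFactory` line, and example code tends to be copied into real projects. Since the line is being rewritten anyway, it could become `new Asn1SignatureFactory("SHA256WithRSAEncryption", privKey, null)`. The two version 3 hunks further down this file, which sign with `caPrivKey`, would need the same change. The enclosing methods start outside these hunks, so whether anything later in the example depends on the SHA-1 algorithm identifier is not visible here.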
@@ -202,15 +197,13 @@ namespace Org.BouncyCastle.Pkcs.Examples // // create the certificate - version 3 // - v3CertGen.Reset(); - + X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator(); v3CertGen.SetSerialNumber(BigInteger.Three); v3CertGen.SetIssuerDN(new X509Name(sOrder, sAttrs)); v3CertGen.SetNotBefore(DateTime.UtcNow.AddMonths(-1)); v3CertGen.SetNotAfter(DateTime.UtcNow.AddMonths(1)); v3CertGen.SetSubjectDN(new X509Name(order, attrs)); v3CertGen.SetPublicKey(pubKey); - v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); // // add the extensions @@ -225,7 +218,7 @@ namespace Org.BouncyCastle.Pkcs.Examples false, new AuthorityKeyIdentifierStructure(caPubKey)); - X509Certificate cert = v3CertGen.Generate(caPrivKey); + X509Certificate cert = v3CertGen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", caPrivKey, null)); cert.CheckValidity(DateTime.UtcNow); diff --git a/crypto/test/src/pkcs/test/PKCS12StoreTest.cs b/crypto/test/src/pkcs/test/PKCS12StoreTest.cs index 1b49a5d02..884fd7449 100644 --- a/crypto/test/src/pkcs/test/PKCS12StoreTest.cs +++ b/crypto/test/src/pkcs/test/PKCS12StoreTest.cs @@ -8,9 +8,9 @@ using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; -using Org.BouncyCastle.Pkcs; using Org.BouncyCastle.Security; using Org.BouncyCastle.Utilities.Encoders; using Org.BouncyCastle.Utilities.Test; 
@@ -897,9 +897,10 @@ namespace Org.BouncyCastle.Pkcs.Tests certGen.SetNotAfter(DateTime.UtcNow.AddDays(30)); certGen.SetSubjectDN(new X509Name(order, subjectAttrs)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); - return new X509CertificateEntry(certGen.Generate(privKey)); + ISignatureFactory signatureFactory = new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null); + X509Certificate cert = certGen.Generate(signatureFactory); + return new X509CertificateEntry(cert); } private void DoTestCertsOnly() diff --git a/crypto/test/src/security/test/TestDotNetUtil.cs b/crypto/test/src/security/test/TestDotNetUtil.cs index 062eada0e..899af016c 100644 --- a/crypto/test/src/security/test/TestDotNetUtil.cs +++ b/crypto/test/src/security/test/TestDotNetUtil.cs @@ -9,6 +9,7 @@ using NUnit.Framework; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Utilities.Encoders; @@ -66,11 +67,10 @@ namespace Org.BouncyCastle.Security.Tests certGen.SetNotAfter(DateTime.UtcNow.AddDays(1)); certGen.SetSubjectDN(new X509Name(ord, attrs)); certGen.SetPublicKey(dsaPub); - certGen.SetSignatureAlgorithm("SHA1WITHDSA"); - X509Certificate cert = certGen.Generate(dsaPriv); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("SHA1WITHDSA", dsaPriv, null)); - cert.CheckValidity(); + cert.CheckValidity(); cert.Verify(dsaPub); SystemX509.X509Certificate dotNetCert = DotNetUtilities.ToX509Certificate(cert); diff --git a/crypto/test/src/test/AttrCertSelectorTest.cs b/crypto/test/src/test/AttrCertSelectorTest.cs index 37c1e66d2..dfd4295e2 100644 --- a/crypto/test/src/test/AttrCertSelectorTest.cs +++ b/crypto/test/src/test/AttrCertSelectorTest.cs 
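Review bot: This fixture certificate is still signed with `"MD5WithRSAEncryption"`, which the hunk carries over into the new factory call, although the test appears to need only some certificate for the PKCS#12 store rather than an MD5 signature specifically. If that reading is right, `new Asn1SignatureFactory("SHA256WithRSAEncryption", privKey, null)` would keep the fixture usable where MD5-signed certificates are rejected. If MD5 is deliberate, a comment such as `// MD5 on purpose: legacy algorithm coverage` would document it. The same literal appears in the TSPTestUtil and TestCertificateGen hunks later in this commit. The method body starts outside the hunk.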
@@ -5,6 +5,7 @@ using NUnit.Framework; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Utilities.Date; @@ -110,7 +111,6 @@ namespace Org.BouncyCastle.Tests gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); gen.SetSerialNumber(BigInteger.One); - gen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); Target targetName = new Target( Target.Choice.Name, @@ -125,7 +125,7 @@ namespace Org.BouncyCastle.Tests TargetInformation targetInformation = new TargetInformation(targets); gen.AddExtension(X509Extensions.TargetInformation.Id, true, targetInformation); - return gen.Generate(privKey); + return gen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null)); } [Test] diff --git a/crypto/test/src/test/AttrCertTest.cs b/crypto/test/src/test/AttrCertTest.cs index d701d007e..f57f67fad 100644 --- a/crypto/test/src/test/AttrCertTest.cs +++ b/crypto/test/src/test/AttrCertTest.cs @@ -6,9 +6,9 @@ using NUnit.Framework; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; -using Org.BouncyCastle.Security; using Org.BouncyCastle.Utilities.Collections; using Org.BouncyCastle.Utilities.Encoders; using Org.BouncyCastle.Utilities.Test; @@ -270,9 +270,9 @@ namespace Org.BouncyCastle.Tests gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); gen.SetSerialNumber(BigInteger.One); - gen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); - IX509AttributeCertificate aCert = gen.Generate(privKey); + IX509AttributeCertificate aCert = gen.Generate( + new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null)); aCert.CheckValidity(); 
@@ -378,9 +378,9 @@ namespace Org.BouncyCastle.Tests gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); gen.SetSerialNumber(BigInteger.One); - gen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); - IX509AttributeCertificate aCert = gen.Generate(privKey); + IX509AttributeCertificate aCert = gen.Generate( + new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null)); aCert.CheckValidity(); @@ -499,9 +499,8 @@ namespace Org.BouncyCastle.Tests gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); gen.SetSerialNumber(aCert.SerialNumber); - gen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); - aCert = gen.Generate(privKey); + aCert = gen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null)); aCert.CheckValidity(); @@ -575,7 +574,7 @@ namespace Org.BouncyCastle.Tests gen.AddExtension("2.2", false, new DerOctetString(new byte[20])); - aCert = gen.Generate(privKey); + aCert = gen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null)); ISet exts = aCert.GetCriticalExtensionOids(); diff --git a/crypto/test/src/test/CertTest.cs b/crypto/test/src/test/CertTest.cs index d83b67f8c..e0f97a61f 100644 --- a/crypto/test/src/test/CertTest.cs +++ b/crypto/test/src/test/CertTest.cs @@ -12,6 +12,7 @@ using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Asn1.X9; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Math.EC; 
@@ -1164,9 +1165,8 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(ord, values)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); - X509Certificate cert = certGen.Generate(privKey); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -1194,7 +1194,6 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(ord, values)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); certGen.AddExtension("2.5.29.15", true, new X509KeyUsage(X509KeyUsage.EncipherOnly)); certGen.AddExtension("2.5.29.37", true, @@ -1202,7 +1201,7 @@ namespace Org.BouncyCastle.Tests certGen.AddExtension("2.5.29.17", true, new GeneralNames(new GeneralName(GeneralName.Rfc822Name, "test@test.test"))); - cert = certGen.Generate(privKey); + cert = certGen.Generate(new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -1242,9 +1241,7 @@ namespace Org.BouncyCastle.Tests certGen1.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen1.SetSubjectDN(new X509Name(ord, values)); certGen1.SetPublicKey(pubKey); - certGen1.SetSignatureAlgorithm("MD5WithRSAEncryption"); - - cert = certGen1.Generate(privKey); + cert = certGen1.Generate(new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null)); cert.CheckValidity(DateTime.UtcNow); 
@@ -1322,11 +1319,10 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(ord, values)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm("SHA1withDSA"); try { - X509Certificate cert = certGen.Generate(privKey); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("SHA1withDSA", privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -1352,11 +1348,10 @@ namespace Org.BouncyCastle.Tests certGen1.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen1.SetSubjectDN(new X509Name(ord, values)); certGen1.SetPublicKey(pubKey); - certGen1.SetSignatureAlgorithm("SHA1withDSA"); try { - X509Certificate cert = certGen1.Generate(privKey); + X509Certificate cert = certGen1.Generate(new Asn1SignatureFactory("SHA1withDSA", privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -1465,11 +1460,10 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(order, attrs)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm("SHA1withECDSA"); try { - X509Certificate cert = certGen.Generate(privKey); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("SHA1withECDSA", privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -1490,7 +1484,7 @@ namespace Org.BouncyCastle.Tests certGen.SetPublicKey(pubKey); - cert = certGen.Generate(privKey); + cert = certGen.Generate(new Asn1SignatureFactory("SHA1withECDSA", privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -1583,10 +1577,8 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(order, attrs)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm(algorithm); - - X509Certificate cert = certGen.Generate(privKey); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory(algorithm, privKey, null)); cert.CheckValidity(DateTime.UtcNow); 
@@ -1607,7 +1599,7 @@ namespace Org.BouncyCastle.Tests certGen.SetPublicKey(pubKey); - cert = certGen.Generate(privKey); + cert = certGen.Generate(new Asn1SignatureFactory(algorithm, privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -1673,14 +1665,13 @@ namespace Org.BouncyCastle.Tests crlGen.SetThisUpdate(now); crlGen.SetNextUpdate(now.AddSeconds(100)); - crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); crlGen.AddCrlEntry(BigInteger.One, now, CrlReason.PrivilegeWithdrawn); crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public)); - X509Crl crl = crlGen.Generate(pair.Private); + X509Crl crl = crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, null)); if (!crl.IssuerDN.Equivalent(new X509Name("CN=Test CA"), true)) { @@ -1745,7 +1736,6 @@ namespace Org.BouncyCastle.Tests crlGen.SetThisUpdate(now); crlGen.SetNextUpdate(now.AddSeconds(100)); - crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); IList extOids = new ArrayList(); IList extValues = new ArrayList(); @@ -1768,7 +1758,7 @@ namespace Org.BouncyCastle.Tests crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public)); - X509Crl crl = crlGen.Generate(pair.Private); + X509Crl crl = crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, null)); if (!crl.IssuerDN.Equivalent(new X509Name("CN=Test CA"), true)) { @@ -1833,7 +1823,6 @@ namespace Org.BouncyCastle.Tests crlGen.SetThisUpdate(now); crlGen.SetNextUpdate(now.AddSeconds(100)); - crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); IList extOids = new ArrayList(); IList extValues = new ArrayList(); 
@@ -1856,7 +1845,7 @@ namespace Org.BouncyCastle.Tests crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public)); - X509Crl crl = crlGen.Generate(pair.Private); + X509Crl crl = crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, null)); if (!crl.IssuerDN.Equivalent(new X509Name("CN=Test CA"), true)) { @@ -1915,7 +1904,6 @@ namespace Org.BouncyCastle.Tests crlGen.SetThisUpdate(now); crlGen.SetNextUpdate(now.AddSeconds(100)); - crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); crlGen.AddCrl(crl); @@ -1923,7 +1911,7 @@ namespace Org.BouncyCastle.Tests crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public)); - X509Crl newCrl = crlGen.Generate(pair.Private); + X509Crl newCrl = crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, null)); int count = 0; bool oneFound = false; @@ -2043,9 +2031,8 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(order, attrs)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm("GOST3411withGOST3410"); - X509Certificate cert = certGen.Generate(privKey); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("GOST3411withGOST3410", privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -2127,7 +2114,6 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(ord, values)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); certGen.AddExtension("2.5.29.15", true, new X509KeyUsage(X509KeyUsage.EncipherOnly)); certGen.AddExtension("2.5.29.37", true, 
@@ -2135,7 +2121,8 @@ namespace Org.BouncyCastle.Tests certGen.AddExtension("2.5.29.17", true, new GeneralNames(new GeneralName(GeneralName.Rfc822Name, "test@test.test"))); - X509Certificate baseCert = certGen.Generate(privKey); + X509Certificate baseCert = certGen.Generate( + new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null)); // // copy certificate @@ -2148,12 +2135,11 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(ord, values)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); certGen.CopyAndAddExtension(new DerObjectIdentifier("2.5.29.15"), true, baseCert); certGen.CopyAndAddExtension("2.5.29.37", false, baseCert); - X509Certificate cert = certGen.Generate(privKey); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null)); cert.CheckValidity(DateTime.UtcNow); @@ -2189,7 +2175,7 @@ namespace Org.BouncyCastle.Tests { certGen.SetPublicKey(dudPublicKey); - certGen.Generate(privKey); + certGen.Generate(new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null)); Fail("key without encoding not detected in v3"); } @@ -2390,7 +2376,6 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name(ord, values)); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm(algorithm); certGen.AddExtension("2.5.29.15", true, new X509KeyUsage(X509KeyUsage.EncipherOnly)); certGen.AddExtension("2.5.29.37", true, @@ -2398,7 +2383,7 @@ namespace Org.BouncyCastle.Tests certGen.AddExtension("2.5.29.17", true, new GeneralNames(new GeneralName(GeneralName.Rfc822Name, "test@test.test"))); - X509Certificate baseCert = certGen.Generate(privKey); + X509Certificate baseCert = certGen.Generate(new Asn1SignatureFactory(algorithm, privKey, null)); baseCert.Verify(pubKey); } 
@@ -2457,8 +2442,7 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name("CN=Test")); certGen.SetPublicKey(pubKey); - certGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); - X509Certificate cert = certGen.Generate(privKey); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null)); X509CertificateStructure certStruct = X509CertificateStructure.GetInstance( Asn1Object.FromByteArray(cert.GetEncoded())); diff --git a/crypto/test/src/test/ECEncodingTest.cs b/crypto/test/src/test/ECEncodingTest.cs index 8d993c15e..ff9fb7aa2 100644 --- a/crypto/test/src/test/ECEncodingTest.cs +++ b/crypto/test/src/test/ECEncodingTest.cs @@ -1,5 +1,4 @@ using System; -using System.IO; using NUnit.Framework; @@ -7,6 +6,7 @@ using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Asn1.X9; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Math.EC; @@ -204,7 +204,6 @@ namespace Org.BouncyCastle.Tests pubECKey = SetPublicUncompressed(pubECKey); } - certGen.SetSignatureAlgorithm("ECDSAwithSHA1"); certGen.SetSerialNumber(BigInteger.One); certGen.SetIssuerDN(new X509Name("CN=Software emul (EC Cert)")); certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); @@ -212,7 +211,7 @@ namespace Org.BouncyCastle.Tests certGen.SetSubjectDN(new X509Name("CN=Software emul (EC Cert)")); certGen.SetPublicKey(pubECKey); - return certGen.Generate(privECKey); + return certGen.Generate(new Asn1SignatureFactory("ECDSAwithSHA1", privECKey, null)); } private ECPublicKeyParameters SetPublicUncompressed( diff --git a/crypto/test/src/test/GOST3410Test.cs b/crypto/test/src/test/GOST3410Test.cs index 03dcf3144..fc439c4ee 100644 --- a/crypto/test/src/test/GOST3410Test.cs +++ b/crypto/test/src/test/GOST3410Test.cs 
@@ -6,6 +6,7 @@ using NUnit.Framework; using Org.BouncyCastle.Asn1.CryptoPro; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Math.EC; @@ -260,16 +261,14 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name("CN=Test")); certGen.SetPublicKey(vKey); - certGen.SetSignatureAlgorithm("GOST3411withGOST3410"); - - X509Certificate cert = certGen.Generate(sKey); + + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("GOST3411withGOST3410", sKey, null)); X509CertificateEntry certEntry = new X509CertificateEntry(cert); -// ks.SetKeyEntry("gost", sKey, "gost".ToCharArray(), new X509Certificate[] { cert }); - ks.SetKeyEntry("gost", new AsymmetricKeyEntry(sKey), new X509CertificateEntry[] { certEntry }); - + ks.SetKeyEntry("gost", new AsymmetricKeyEntry(sKey), new X509CertificateEntry[]{ certEntry }); + MemoryStream bOut = new MemoryStream(); - + ks.Save(bOut, "gost".ToCharArray(), new SecureRandom()); // ks = KeyStore.getInstance("JKS"); diff --git a/crypto/test/src/test/PkixPolicyMappingTest.cs b/crypto/test/src/test/PkixPolicyMappingTest.cs index 47e2c3120..24fe4e006 100644 --- a/crypto/test/src/test/PkixPolicyMappingTest.cs +++ b/crypto/test/src/test/PkixPolicyMappingTest.cs @@ -6,6 +6,7 @@ using NUnit.Framework; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Pkix; 
@@ -41,9 +42,7 @@ namespace Org.BouncyCastle.Tests v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(30)); v3CertGen.SetSubjectDN(new X509Name(subject)); v3CertGen.SetPublicKey(pubKey); - v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); - X509Certificate cert = v3CertGen.Generate(privKey); - return cert; + return v3CertGen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null)); } /** @@ -65,12 +64,10 @@ namespace Org.BouncyCastle.Tests v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(30)); v3CertGen.SetSubjectDN(new X509Name(subject)); v3CertGen.SetPublicKey(pubKey); - v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); v3CertGen.AddExtension(X509Extensions.CertificatePolicies, true, new DerSequence(policies)); v3CertGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(true)); v3CertGen.AddExtension(X509Extensions.PolicyMappings, true, new PolicyMappings(policyMap)); - X509Certificate cert = v3CertGen.Generate(caPrivKey); - return cert; + return v3CertGen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", caPrivKey, null)); } /** @@ -91,10 +88,8 @@ namespace Org.BouncyCastle.Tests v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(30)); v3CertGen.SetSubjectDN(new X509Name(subject)); v3CertGen.SetPublicKey(pubKey); - v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); v3CertGen.AddExtension(X509Extensions.CertificatePolicies, true, new DerSequence(policies)); - X509Certificate cert = v3CertGen.Generate(caPrivKey); - return cert; + return v3CertGen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", caPrivKey, null)); } private string TestPolicies( diff --git a/crypto/test/src/test/TestUtilities.cs b/crypto/test/src/test/TestUtilities.cs index a79421207..63ca87873 100644 --- a/crypto/test/src/test/TestUtilities.cs +++ b/crypto/test/src/test/TestUtilities.cs 
@@ -1,9 +1,9 @@ using System; -using System.Diagnostics; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Math; using Org.BouncyCastle.Security; using Org.BouncyCastle.Security.Certificates; @@ -30,23 +30,22 @@ namespace Org.BouncyCastle.Tests return kpGen.GenerateKeyPair(); } - public static X509Certificate GenerateRootCert( - AsymmetricCipherKeyPair pair) - { - X509V1CertificateGenerator certGen = new X509V1CertificateGenerator(); - - certGen.SetSerialNumber(BigInteger.One); - certGen.SetIssuerDN(new X509Name("CN=Test CA Certificate")); - certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); - certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); - certGen.SetSubjectDN(new X509Name("CN=Test CA Certificate")); - certGen.SetPublicKey(pair.Public); - certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); - - return certGen.Generate(pair.Private); - } - - public static X509Certificate GenerateIntermediateCert( + public static X509Certificate GenerateRootCert( + AsymmetricCipherKeyPair pair) + { + Asn1SignatureFactory signatureFactory = new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, null); + + X509V1CertificateGenerator certGen = new X509V1CertificateGenerator(); + certGen.SetSerialNumber(BigInteger.One); + certGen.SetIssuerDN(new X509Name("CN=Test CA Certificate")); + certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + certGen.SetSubjectDN(new X509Name("CN=Test CA Certificate")); + certGen.SetPublicKey(pair.Public); + return certGen.Generate(signatureFactory); + } + + public static X509Certificate GenerateIntermediateCert( AsymmetricKeyParameter intKey, AsymmetricKeyParameter caKey, X509Certificate caCert) 
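Review bot: `GenerateRootCert` accepts any `AsymmetricCipherKeyPair`, but the signature algorithm is fixed to `"SHA256WithRSAEncryption"` and nothing on the method says the pair has to be RSA. A short comment above the method would cover it: `// Signs with SHA256WithRSAEncryption; pair must be an RSA key pair.` The same applies to the intermediate, end-entity and CRL helpers in the following hunks of this file, which take a bare `AsymmetricKeyParameter caKey` and hard-code the same algorithm.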
@@ -59,14 +58,13 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name("CN=Test Intermediate Certificate")); certGen.SetPublicKey(intKey); - certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); certGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert)); certGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(intKey)); certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(0)); certGen.AddExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.DigitalSignature | KeyUsage.KeyCertSign | KeyUsage.CrlSign)); - return certGen.Generate(caKey); + return certGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", caKey, null)); } public static X509Certificate GenerateEndEntityCert( @@ -82,14 +80,13 @@ namespace Org.BouncyCastle.Tests certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); certGen.SetSubjectDN(new X509Name("CN=Test End Certificate")); certGen.SetPublicKey(entityKey); - certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); certGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert)); certGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(entityKey)); certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false)); certGen.AddExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.DigitalSignature | KeyUsage.KeyEncipherment)); - return certGen.Generate(caKey); + return certGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", caKey, null)); } public static X509Crl CreateCrl( 
@@ -99,20 +96,18 @@ namespace Org.BouncyCastle.Tests { X509V2CrlGenerator crlGen = new X509V2CrlGenerator(); DateTime now = DateTime.UtcNow; -// BigInteger revokedSerialNumber = BigInteger.Two; crlGen.SetIssuerDN(PrincipalUtilities.GetSubjectX509Principal(caCert)); crlGen.SetThisUpdate(now); crlGen.SetNextUpdate(now.AddSeconds(100)); - crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); crlGen.AddCrlEntry(serialNumber, now, CrlReason.PrivilegeWithdrawn); crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert)); crlGen.AddExtension(X509Extensions.CrlNumber, false, new CrlNumber(BigInteger.One)); - return crlGen.Generate(caKey); + return crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", caKey, null)); } public static X509Certificate CreateExceptionCertificate( diff --git a/crypto/test/src/tsp/test/TSPTestUtil.cs b/crypto/test/src/tsp/test/TSPTestUtil.cs index c8c6a63c0..20eb7e228 100644 --- a/crypto/test/src/tsp/test/TSPTestUtil.cs +++ b/crypto/test/src/tsp/test/TSPTestUtil.cs @@ -12,6 +12,7 @@ using Org.BouncyCastle.Asn1.TeleTrust; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Asn1.X9; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Security; @@ -350,7 +351,6 @@ namespace Org.BouncyCastle.Tsp.Tests _v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100)); _v3CertGen.SetSubjectDN(new X509Name(_subDN)); _v3CertGen.SetPublicKey(_subPub); - _v3CertGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); _v3CertGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, createSubjectKeyId(_subPub)); 
@@ -369,9 +369,10 @@ namespace Org.BouncyCastle.Tsp.Tests ExtendedKeyUsage.GetInstance(new DerSequence(KeyPurposeID.IdKPTimeStamping))); } - X509Certificate _cert = _v3CertGen.Generate(_issPriv); + X509Certificate _cert = _v3CertGen.Generate( + new Asn1SignatureFactory("MD5WithRSAEncryption", _issPriv, null)); - _cert.CheckValidity(DateTime.UtcNow); + _cert.CheckValidity(DateTime.UtcNow); _cert.Verify(_issPub); return _cert; diff --git a/crypto/test/src/x509/test/TestCertificateGen.cs b/crypto/test/src/x509/test/TestCertificateGen.cs index 491f6d312..33ddc26c0 100644 --- a/crypto/test/src/x509/test/TestCertificateGen.cs +++ b/crypto/test/src/x509/test/TestCertificateGen.cs @@ -1,12 +1,12 @@ using System; using System.Collections; -using System.Text; using NUnit.Framework; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Asn1.X9; using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Crypto.Signers; using Org.BouncyCastle.Math; @@ -104,12 +104,11 @@ namespace Org.BouncyCastle.X509.Tests certGen.SetNotAfter(DateTime.UtcNow.AddDays(1)); certGen.SetSubjectDN(new X509Name(ord, attrs)); certGen.SetPublicKey(rsaPublic); - certGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); - X509Certificate cert = certGen.Generate(rsaPrivate); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("MD5WithRSAEncryption", rsaPrivate, null)); -// Assert.IsTrue((cert.IsValidNow && cert.Verify(rsaPublic)),"Certificate failed to be valid (RSA)"); - cert.CheckValidity(); + //Assert.IsTrue((cert.IsValidNow && cert.Verify(rsaPublic)),"Certificate failed to be valid (RSA)"); + cert.CheckValidity(); cert.Verify(rsaPublic); //Console.WriteLine(ASN1Dump.DumpAsString(cert.ToAsn1Object())); 
@@ -181,12 +180,11 @@ namespace Org.BouncyCastle.X509.Tests certGen.SetNotAfter(DateTime.UtcNow.AddDays(1)); certGen.SetSubjectDN(new X509Name(ord, attrs)); certGen.SetPublicKey(dsaPub); - certGen.SetSignatureAlgorithm("SHA1WITHDSA"); - X509Certificate cert = certGen.Generate(dsaPriv); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("SHA1WITHDSA", dsaPriv, null)); -// Assert.IsTrue((cert.IsValidNow && cert.Verify(dsaPub)), "Certificate failed to be valid (DSA Test)"); - cert.CheckValidity(); + //Assert.IsTrue((cert.IsValidNow && cert.Verify(dsaPub)), "Certificate failed to be valid (DSA Test)"); + cert.CheckValidity(); cert.Verify(dsaPub); //ISet dummySet = cert.GetNonCriticalExtensionOids(); @@ -262,14 +260,13 @@ namespace Org.BouncyCastle.X509.Tests certGen.SetNotAfter(DateTime.UtcNow.AddDays(1)); certGen.SetSubjectDN(new X509Name(ord, attrs)); certGen.SetPublicKey(ecPub); - certGen.SetSignatureAlgorithm("SHA1WITHECDSA"); certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false)); - X509Certificate cert = certGen.Generate(ecPriv); + X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("SHA1WITHECDSA", ecPriv, null)); -// Assert.IsTrue((cert.IsValidNow && cert.Verify(ecPub)), "Certificate failed to be valid (ECDSA)"); - cert.CheckValidity(); + //Assert.IsTrue((cert.IsValidNow && cert.Verify(ecPub)), "Certificate failed to be valid (ECDSA)"); + cert.CheckValidity(); cert.Verify(ecPub); ISet extOidSet = cert.GetCriticalExtensionOids(); |