diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2019-01-31 19:26:09 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2019-01-31 19:26:09 +0700 |
| commit | 65b588a45feb07f27716288ff15f784b5bf73812 (patch) | |
| tree | 41d4d9e5d939e32008460cee18d6fc3dd6857ce0 /crypto | |
| parent | removed unnecessary extra ECGOST3410 class (diff) | |
| download | BouncyCastle.NET-ed25519-65b588a45feb07f27716288ff15f784b5bf73812.tar.xz | |
Fixes and tidying up for release
Diffstat (limited to 'crypto')
78 files changed, 1758 insertions, 1750 deletions
diff --git a/crypto/BouncyCastle.Android.csproj b/crypto/BouncyCastle.Android.csproj index 367bd7ff9..b339f4f79 100644 --- a/crypto/BouncyCastle.Android.csproj +++ b/crypto/BouncyCastle.Android.csproj @@ -562,6 +562,15 @@ <Compile Include="src\bcpg\sig\SignatureExpirationTime.cs" /> <Compile Include="src\bcpg\sig\SignerUserId.cs" /> <Compile Include="src\bcpg\sig\TrustSignature.cs" /> + <Compile Include="src\cmp\CertificateConfirmationContent.cs" /> + <Compile Include="src\cmp\CertificateConfirmationContentBuilder.cs" /> + <Compile Include="src\cmp\CertificateStatus.cs" /> + <Compile Include="src\cmp\CmpException.cs" /> + <Compile Include="src\cmp\GeneralPkiMessage.cs" /> + <Compile Include="src\cmp\ProtectedPkiMessage.cs" /> + <Compile Include="src\cmp\ProtectedPkiMessageBuilder.cs" /> + <Compile Include="src\cmp\RevocationDetails.cs" /> + <Compile Include="src\cmp\RevocationDetailsBuilder.cs" /> <Compile Include="src\cms\BaseDigestCalculator.cs" /> <Compile Include="src\cms\CMSAttributeTableGenerationException.cs" /> <Compile Include="src\cms\CMSAttributeTableGenerator.cs" /> @@ -603,6 +612,7 @@ <Compile Include="src\cms\CounterSignatureDigestCalculator.cs" /> <Compile Include="src\cms\DefaultAuthenticatedAttributeTableGenerator.cs" /> <Compile Include="src\cms\DefaultSignedAttributeTableGenerator.cs" /> + <Compile Include="src\cms\EnvelopedDataHelper.cs" /> <Compile Include="src\cms\IDigestCalculator.cs" /> <Compile Include="src\cms\KEKRecipientInfoGenerator.cs" /> <Compile Include="src\cms\KEKRecipientInformation.cs" /> @@ -626,6 +636,20 @@ <Compile Include="src\cms\SignerInformation.cs" /> <Compile Include="src\cms\SignerInformationStore.cs" /> <Compile Include="src\cms\SimpleAttributeTableGenerator.cs" /> + <Compile Include="src\crmf\AuthenticatorControl.cs" /> + <Compile Include="src\crmf\CertificateRequestMessage.cs" /> + <Compile Include="src\crmf\CertificateRequestMessageBuilder.cs" /> + <Compile Include="src\crmf\CrmfException.cs" /> + <Compile Include="src\crmf\DefaultPKMacPrimitivesProvider.cs" /> + <Compile Include="src\crmf\EncryptedValueBuilder.cs" /> + <Compile Include="src\crmf\IControl.cs" /> + <Compile Include="src\crmf\IEncryptedValuePadder.cs" /> + <Compile Include="src\crmf\IPKMacPrimitivesProvider.cs" /> + <Compile Include="src\crmf\PkiArchiveControl.cs" /> + <Compile Include="src\crmf\PkiArchiveControlBuilder.cs" /> + <Compile Include="src\crmf\PKMacBuilder.cs" /> + <Compile Include="src\crmf\ProofOfPossessionSigningKeyBuilder.cs" /> + <Compile Include="src\crmf\RegTokenControl.cs" /> <Compile Include="src\crypto\AsymmetricCipherKeyPair.cs" /> <Compile Include="src\crypto\AsymmetricKeyParameter.cs" /> <Compile Include="src\crypto\BufferedAeadBlockCipher.cs" /> @@ -650,15 +674,22 @@ <Compile Include="src\crypto\IBlockCipher.cs" /> <Compile Include="src\crypto\IBlockResult.cs" /> <Compile Include="src\crypto\IBufferedCipher.cs" /> + <Compile Include="src\crypto\ICipher.cs" /> + <Compile Include="src\crypto\ICipherBuilder.cs" /> + <Compile Include="src\crypto\ICipherBuilderWithKey.cs" /> <Compile Include="src\crypto\ICipherParameters.cs" /> - <Compile Include="src\crypto\IDSA.cs" /> - <Compile Include="src\crypto\IDsaExt.cs" /> + <Compile Include="src\crypto\IDecryptorBuilderProvider.cs" /> <Compile Include="src\crypto\IDerivationFunction.cs" /> <Compile Include="src\crypto\IDerivationParameters.cs" /> <Compile Include="src\crypto\IDigest.cs" /> + <Compile Include="src\crypto\IDSA.cs" /> + <Compile Include="src\crypto\IDsaExt.cs" /> <Compile Include="src\crypto\IEntropySource.cs" /> <Compile Include="src\crypto\IEntropySourceProvider.cs" /> + <Compile Include="src\crypto\IKeyUnwrapper.cs" /> + <Compile Include="src\crypto\IKeyWrapper.cs" /> <Compile Include="src\crypto\IMac.cs" /> + <Compile Include="src\crypto\IMacFactory.cs" /> <Compile Include="src\crypto\IRawAgreement.cs" /> <Compile Include="src\crypto\IRsa.cs" /> <Compile Include="src\crypto\ISignatureFactory.cs" /> @@ -677,20 +708,8 @@ <Compile Include="src\crypto\OutputLengthException.cs" /> <Compile Include="src\crypto\parameters\HKDFParameters.cs" /> <Compile Include="src\crypto\PbeParametersGenerator.cs" /> - <Compile Include="src\crypto\prng\BasicEntropySourceProvider.cs" /> - <Compile Include="src\crypto\prng\CryptoApiEntropySourceProvider.cs" /> - <Compile Include="src\crypto\prng\drbg\CtrSP800Drbg.cs" /> - <Compile Include="src\crypto\prng\drbg\DrbgUtilities.cs" /> - <Compile Include="src\crypto\prng\drbg\HashSP800Drbg.cs" /> - <Compile Include="src\crypto\prng\drbg\HMacSP800Drbg.cs" /> - <Compile Include="src\crypto\prng\drbg\ISP80090Drbg.cs" /> - <Compile Include="src\crypto\prng\EntropyUtilities.cs" /> - <Compile Include="src\crypto\prng\IDrbgProvider.cs" /> - <Compile Include="src\crypto\prng\SP800SecureRandom.cs" /> - <Compile Include="src\crypto\prng\SP800SecureRandomBuilder.cs" /> - <Compile Include="src\crypto\prng\X931Rng.cs" /> - <Compile Include="src\crypto\prng\X931SecureRandom.cs" /> - <Compile Include="src\crypto\prng\X931SecureRandomBuilder.cs" /> + <Compile Include="src\crypto\Security.cs" /> + <Compile Include="src\crypto\SimpleBlockResult.cs" /> <Compile Include="src\crypto\StreamBlockCipher.cs" /> <Compile Include="src\crypto\agreement\DHAgreement.cs" /> <Compile Include="src\crypto\agreement\DHBasicAgreement.cs" /> @@ -882,11 +901,16 @@ <Compile Include="src\crypto\modes\gcm\Tables1kGcmExponentiator.cs" /> <Compile Include="src\crypto\modes\gcm\Tables64kGcmMultiplier.cs" /> <Compile Include="src\crypto\modes\gcm\Tables8kGcmMultiplier.cs" /> + <Compile Include="src\crypto\operators\Asn1CipherBuilder.cs" /> + <Compile Include="src\crypto\operators\Asn1KeyWrapper.cs" /> <Compile Include="src\crypto\operators\Asn1Signature.cs" /> + <Compile Include="src\crypto\operators\CmsContentEncryptorBuilder.cs" /> + <Compile Include="src\crypto\operators\CmsKeyTransRecipientInfoGenerator.cs" /> <Compile Include="src\crypto\operators\DefaultSignatureCalculator.cs" /> <Compile Include="src\crypto\operators\DefaultSignatureResult.cs" /> <Compile Include="src\crypto\operators\DefaultVerifierCalculator.cs" /> <Compile Include="src\crypto\operators\DefaultVerifierResult.cs" /> + <Compile Include="src\crypto\operators\GenericKey.cs" /> <Compile Include="src\crypto\paddings\BlockCipherPadding.cs" /> <Compile Include="src\crypto\paddings\ISO10126d2Padding.cs" /> <Compile Include="src\crypto\paddings\ISO7816d4Padding.cs" /> @@ -913,8 +937,10 @@ <Compile Include="src\crypto\parameters\DsaPublicKeyParameters.cs" /> <Compile Include="src\crypto\parameters\DsaValidationParameters.cs" /> <Compile Include="src\crypto\parameters\ECDomainParameters.cs" /> + <Compile Include="src\crypto\parameters\ECGOST3410Parameters.cs" /> <Compile Include="src\crypto\parameters\ECKeyGenerationParameters.cs" /> <Compile Include="src\crypto\parameters\ECKeyParameters.cs" /> + <Compile Include="src\crypto\parameters\ECNamedDomainParameters.cs" /> <Compile Include="src\crypto\parameters\ECPrivateKeyParameters.cs" /> <Compile Include="src\crypto\parameters\ECPublicKeyParameters.cs" /> <Compile Include="src\crypto\parameters\Ed25519KeyGenerationParameters.cs" /> @@ -967,12 +993,26 @@ <Compile Include="src\crypto\parameters\X448KeyGenerationParameters.cs" /> <Compile Include="src\crypto\parameters\X448PrivateKeyParameters.cs" /> <Compile Include="src\crypto\parameters\X448PublicKeyParameters.cs" /> + <Compile Include="src\crypto\prng\BasicEntropySourceProvider.cs" /> + <Compile Include="src\crypto\prng\CryptoApiEntropySourceProvider.cs" /> <Compile Include="src\crypto\prng\CryptoApiRandomGenerator.cs" /> <Compile Include="src\crypto\prng\DigestRandomGenerator.cs" /> + <Compile Include="src\crypto\prng\EntropyUtilities.cs" /> + <Compile Include="src\crypto\prng\IDrbgProvider.cs" /> <Compile Include="src\crypto\prng\IRandomGenerator.cs" /> <Compile Include="src\crypto\prng\ReversedWindowGenerator.cs" /> + <Compile Include="src\crypto\prng\SP800SecureRandom.cs" /> + <Compile Include="src\crypto\prng\SP800SecureRandomBuilder.cs" /> <Compile Include="src\crypto\prng\ThreadedSeedGenerator.cs" /> <Compile Include="src\crypto\prng\VMPCRandomGenerator.cs" /> + <Compile Include="src\crypto\prng\X931Rng.cs" /> + <Compile Include="src\crypto\prng\X931SecureRandom.cs" /> + <Compile Include="src\crypto\prng\X931SecureRandomBuilder.cs" /> + <Compile Include="src\crypto\prng\drbg\CtrSP800Drbg.cs" /> + <Compile Include="src\crypto\prng\drbg\DrbgUtilities.cs" /> + <Compile Include="src\crypto\prng\drbg\HashSP800Drbg.cs" /> + <Compile Include="src\crypto\prng\drbg\HMacSP800Drbg.cs" /> + <Compile Include="src\crypto\prng\drbg\ISP80090Drbg.cs" /> <Compile Include="src\crypto\signers\DsaDigestSigner.cs" /> <Compile Include="src\crypto\signers\DsaSigner.cs" /> <Compile Include="src\crypto\signers\ECDsaSigner.cs" /> @@ -1161,6 +1201,9 @@ <Compile Include="src\crypto\tls\UrlAndHash.cs" /> <Compile Include="src\crypto\tls\UseSrtpData.cs" /> <Compile Include="src\crypto\tls\UserMappingType.cs" /> + <Compile Include="src\crypto\util\AlgorithmIdentifierFactory.cs" /> + <Compile Include="src\crypto\util\CipherFactory.cs" /> + <Compile Include="src\crypto\util\CipherKeyGeneratorFactory.cs" /> <Compile Include="src\crypto\util\Pack.cs" /> <Compile Include="src\math\BigInteger.cs" /> <Compile Include="src\math\Primes.cs" /> @@ -1415,6 +1458,10 @@ <Compile Include="src\pkcs\Pkcs12Entry.cs" /> <Compile Include="src\pkcs\Pkcs12Store.cs" /> <Compile Include="src\pkcs\Pkcs12Utilities.cs" /> + <Compile Include="src\pkcs\Pkcs8EncryptedPrivateKeyInfo.cs" /> + <Compile Include="src\pkcs\Pkcs8EncryptedPrivateKeyInfoBuilder.cs" /> + <Compile Include="src\pkcs\PkcsException.cs" /> + <Compile Include="src\pkcs\PkcsIOException.cs" /> <Compile Include="src\pkcs\PrivateKeyInfoFactory.cs" /> <Compile Include="src\pkcs\X509CertificateEntry.cs" /> <Compile Include="src\pkix\CertStatus.cs" /> @@ -1515,6 +1562,8 @@ <Compile Include="src\util\io\BaseInputStream.cs" /> <Compile Include="src\util\io\BaseOutputStream.cs" /> <Compile Include="src\util\io\FilterStream.cs" /> + <Compile Include="src\util\io\MemoryInputStream.cs" /> + <Compile Include="src\util\io\MemoryOutputStream.cs" /> <Compile Include="src\util\io\NullOutputStream.cs" /> <Compile Include="src\util\io\PushbackStream.cs" /> <Compile Include="src\util\io\StreamOverflowException.cs" /> diff --git a/crypto/BouncyCastle.csproj b/crypto/BouncyCastle.csproj index 5dfdd35e5..af51afd16 100644 --- a/crypto/BouncyCastle.csproj +++ b/crypto/BouncyCastle.csproj @@ -556,6 +556,15 @@ <Compile Include="src\bcpg\sig\SignatureExpirationTime.cs" /> <Compile Include="src\bcpg\sig\SignerUserId.cs" /> <Compile Include="src\bcpg\sig\TrustSignature.cs" /> + <Compile Include="src\cmp\CertificateConfirmationContent.cs" /> + <Compile Include="src\cmp\CertificateConfirmationContentBuilder.cs" /> + <Compile Include="src\cmp\CertificateStatus.cs" /> + <Compile Include="src\cmp\CmpException.cs" /> + <Compile Include="src\cmp\GeneralPkiMessage.cs" /> + <Compile Include="src\cmp\ProtectedPkiMessage.cs" /> + <Compile Include="src\cmp\ProtectedPkiMessageBuilder.cs" /> + <Compile Include="src\cmp\RevocationDetails.cs" /> + <Compile Include="src\cmp\RevocationDetailsBuilder.cs" /> <Compile Include="src\cms\BaseDigestCalculator.cs" /> <Compile Include="src\cms\CMSAttributeTableGenerationException.cs" /> <Compile Include="src\cms\CMSAttributeTableGenerator.cs" /> @@ -597,6 +606,7 @@ <Compile Include="src\cms\CounterSignatureDigestCalculator.cs" /> <Compile Include="src\cms\DefaultAuthenticatedAttributeTableGenerator.cs" /> <Compile Include="src\cms\DefaultSignedAttributeTableGenerator.cs" /> + <Compile Include="src\cms\EnvelopedDataHelper.cs" /> <Compile Include="src\cms\IDigestCalculator.cs" /> <Compile Include="src\cms\KEKRecipientInfoGenerator.cs" /> <Compile Include="src\cms\KEKRecipientInformation.cs" /> @@ -620,6 +630,20 @@ <Compile Include="src\cms\SignerInformation.cs" /> <Compile Include="src\cms\SignerInformationStore.cs" /> <Compile Include="src\cms\SimpleAttributeTableGenerator.cs" /> + <Compile Include="src\crmf\AuthenticatorControl.cs" /> + <Compile Include="src\crmf\CertificateRequestMessage.cs" /> + <Compile Include="src\crmf\CertificateRequestMessageBuilder.cs" /> + <Compile Include="src\crmf\CrmfException.cs" /> + <Compile Include="src\crmf\DefaultPKMacPrimitivesProvider.cs" /> + <Compile Include="src\crmf\EncryptedValueBuilder.cs" /> + <Compile Include="src\crmf\IControl.cs" /> + <Compile Include="src\crmf\IEncryptedValuePadder.cs" /> + <Compile Include="src\crmf\IPKMacPrimitivesProvider.cs" /> + <Compile Include="src\crmf\PkiArchiveControl.cs" /> + <Compile Include="src\crmf\PkiArchiveControlBuilder.cs" /> + <Compile Include="src\crmf\PKMacBuilder.cs" /> + <Compile Include="src\crmf\ProofOfPossessionSigningKeyBuilder.cs" /> + <Compile Include="src\crmf\RegTokenControl.cs" /> <Compile Include="src\crypto\AsymmetricCipherKeyPair.cs" /> <Compile Include="src\crypto\AsymmetricKeyParameter.cs" /> <Compile Include="src\crypto\BufferedAeadBlockCipher.cs" /> @@ -644,15 +668,22 @@ <Compile Include="src\crypto\IBlockCipher.cs" /> <Compile Include="src\crypto\IBlockResult.cs" /> <Compile Include="src\crypto\IBufferedCipher.cs" /> + <Compile Include="src\crypto\ICipher.cs" /> + <Compile Include="src\crypto\ICipherBuilder.cs" /> + <Compile Include="src\crypto\ICipherBuilderWithKey.cs" /> <Compile Include="src\crypto\ICipherParameters.cs" /> - <Compile Include="src\crypto\IDSA.cs" /> - <Compile Include="src\crypto\IDsaExt.cs" /> + <Compile Include="src\crypto\IDecryptorBuilderProvider.cs" /> <Compile Include="src\crypto\IDerivationFunction.cs" /> <Compile Include="src\crypto\IDerivationParameters.cs" /> <Compile Include="src\crypto\IDigest.cs" /> + <Compile Include="src\crypto\IDSA.cs" /> + <Compile Include="src\crypto\IDsaExt.cs" /> <Compile Include="src\crypto\IEntropySource.cs" /> <Compile Include="src\crypto\IEntropySourceProvider.cs" /> + <Compile Include="src\crypto\IKeyUnwrapper.cs" /> + <Compile Include="src\crypto\IKeyWrapper.cs" /> <Compile Include="src\crypto\IMac.cs" /> + <Compile Include="src\crypto\IMacFactory.cs" /> <Compile Include="src\crypto\IRawAgreement.cs" /> <Compile Include="src\crypto\IRsa.cs" /> <Compile Include="src\crypto\ISignatureFactory.cs" /> @@ -669,23 +700,11 @@ <Compile Include="src\crypto\KeyGenerationParameters.cs" /> <Compile Include="src\crypto\MaxBytesExceededException.cs" /> <Compile Include="src\crypto\OutputLengthException.cs" /> + <Compile Include="src\crypto\Security.cs" /> + <Compile Include="src\crypto\SimpleBlockResult.cs" /> + <Compile Include="src\crypto\StreamBlockCipher.cs" /> <Compile Include="src\crypto\parameters\HKDFParameters.cs" /> <Compile Include="src\crypto\PbeParametersGenerator.cs" /> - <Compile Include="src\crypto\prng\BasicEntropySourceProvider.cs" /> - <Compile Include="src\crypto\prng\CryptoApiEntropySourceProvider.cs" /> - <Compile Include="src\crypto\prng\drbg\CtrSP800Drbg.cs" /> - <Compile Include="src\crypto\prng\drbg\DrbgUtilities.cs" /> - <Compile Include="src\crypto\prng\drbg\HashSP800Drbg.cs" /> - <Compile Include="src\crypto\prng\drbg\HMacSP800Drbg.cs" /> - <Compile Include="src\crypto\prng\drbg\ISP80090Drbg.cs" /> - <Compile Include="src\crypto\prng\EntropyUtilities.cs" /> - <Compile Include="src\crypto\prng\IDrbgProvider.cs" /> - <Compile Include="src\crypto\prng\SP800SecureRandom.cs" /> - <Compile Include="src\crypto\prng\SP800SecureRandomBuilder.cs" /> - <Compile Include="src\crypto\prng\X931Rng.cs" /> - <Compile Include="src\crypto\prng\X931SecureRandom.cs" /> - <Compile Include="src\crypto\prng\X931SecureRandomBuilder.cs" /> - <Compile Include="src\crypto\StreamBlockCipher.cs" /> <Compile Include="src\crypto\agreement\DHAgreement.cs" /> <Compile Include="src\crypto\agreement\DHBasicAgreement.cs" /> <Compile Include="src\crypto\agreement\DHStandardGroups.cs" /> @@ -876,11 +895,16 @@ <Compile Include="src\crypto\modes\gcm\Tables1kGcmExponentiator.cs" /> <Compile Include="src\crypto\modes\gcm\Tables64kGcmMultiplier.cs" /> <Compile Include="src\crypto\modes\gcm\Tables8kGcmMultiplier.cs" /> + <Compile Include="src\crypto\operators\Asn1CipherBuilder.cs" /> + <Compile Include="src\crypto\operators\Asn1KeyWrapper.cs" /> <Compile Include="src\crypto\operators\Asn1Signature.cs" /> + <Compile Include="src\crypto\operators\CmsContentEncryptorBuilder.cs" /> + <Compile Include="src\crypto\operators\CmsKeyTransRecipientInfoGenerator.cs" /> <Compile Include="src\crypto\operators\DefaultSignatureCalculator.cs" /> <Compile Include="src\crypto\operators\DefaultSignatureResult.cs" /> <Compile Include="src\crypto\operators\DefaultVerifierCalculator.cs" /> <Compile Include="src\crypto\operators\DefaultVerifierResult.cs" /> + <Compile Include="src\crypto\operators\GenericKey.cs" /> <Compile Include="src\crypto\paddings\BlockCipherPadding.cs" /> <Compile Include="src\crypto\paddings\ISO10126d2Padding.cs" /> <Compile Include="src\crypto\paddings\ISO7816d4Padding.cs" /> @@ -907,8 +931,10 @@ <Compile Include="src\crypto\parameters\DsaPublicKeyParameters.cs" /> <Compile Include="src\crypto\parameters\DsaValidationParameters.cs" /> <Compile Include="src\crypto\parameters\ECDomainParameters.cs" /> + <Compile Include="src\crypto\parameters\ECGOST3410Parameters.cs" /> <Compile Include="src\crypto\parameters\ECKeyGenerationParameters.cs" /> <Compile Include="src\crypto\parameters\ECKeyParameters.cs" /> + <Compile Include="src\crypto\parameters\ECNamedDomainParameters.cs" /> <Compile Include="src\crypto\parameters\ECPrivateKeyParameters.cs" /> <Compile Include="src\crypto\parameters\ECPublicKeyParameters.cs" /> <Compile Include="src\crypto\parameters\Ed25519KeyGenerationParameters.cs" /> @@ -961,12 +987,26 @@ <Compile Include="src\crypto\parameters\X448KeyGenerationParameters.cs" /> <Compile Include="src\crypto\parameters\X448PrivateKeyParameters.cs" /> <Compile Include="src\crypto\parameters\X448PublicKeyParameters.cs" /> + <Compile Include="src\crypto\prng\BasicEntropySourceProvider.cs" /> + <Compile Include="src\crypto\prng\CryptoApiEntropySourceProvider.cs" /> <Compile Include="src\crypto\prng\CryptoApiRandomGenerator.cs" /> <Compile Include="src\crypto\prng\DigestRandomGenerator.cs" /> + <Compile Include="src\crypto\prng\EntropyUtilities.cs" /> + <Compile Include="src\crypto\prng\IDrbgProvider.cs" /> <Compile Include="src\crypto\prng\IRandomGenerator.cs" /> <Compile Include="src\crypto\prng\ReversedWindowGenerator.cs" /> + <Compile Include="src\crypto\prng\SP800SecureRandom.cs" /> + <Compile Include="src\crypto\prng\SP800SecureRandomBuilder.cs" /> <Compile Include="src\crypto\prng\ThreadedSeedGenerator.cs" /> <Compile Include="src\crypto\prng\VMPCRandomGenerator.cs" /> + <Compile Include="src\crypto\prng\X931Rng.cs" /> + <Compile Include="src\crypto\prng\X931SecureRandom.cs" /> + <Compile Include="src\crypto\prng\X931SecureRandomBuilder.cs" /> + <Compile Include="src\crypto\prng\drbg\CtrSP800Drbg.cs" /> + <Compile Include="src\crypto\prng\drbg\DrbgUtilities.cs" /> + <Compile Include="src\crypto\prng\drbg\HashSP800Drbg.cs" /> + <Compile Include="src\crypto\prng\drbg\HMacSP800Drbg.cs" /> + <Compile Include="src\crypto\prng\drbg\ISP80090Drbg.cs" /> <Compile Include="src\crypto\signers\DsaDigestSigner.cs" /> <Compile Include="src\crypto\signers\DsaSigner.cs" /> <Compile Include="src\crypto\signers\ECDsaSigner.cs" /> @@ -1155,6 +1195,9 @@ <Compile Include="src\crypto\tls\UrlAndHash.cs" /> <Compile Include="src\crypto\tls\UseSrtpData.cs" /> <Compile Include="src\crypto\tls\UserMappingType.cs" /> + <Compile Include="src\crypto\util\AlgorithmIdentifierFactory.cs" /> + <Compile Include="src\crypto\util\CipherFactory.cs" /> + <Compile Include="src\crypto\util\CipherKeyGeneratorFactory.cs" /> <Compile Include="src\crypto\util\Pack.cs" /> <Compile Include="src\math\BigInteger.cs" /> <Compile Include="src\math\Primes.cs" /> @@ -1409,6 +1452,10 @@ <Compile Include="src\pkcs\Pkcs12Entry.cs" /> <Compile Include="src\pkcs\Pkcs12Store.cs" /> <Compile Include="src\pkcs\Pkcs12Utilities.cs" /> + <Compile Include="src\pkcs\Pkcs8EncryptedPrivateKeyInfo.cs" /> + <Compile Include="src\pkcs\Pkcs8EncryptedPrivateKeyInfoBuilder.cs" /> + <Compile Include="src\pkcs\PkcsException.cs" /> + <Compile Include="src\pkcs\PkcsIOException.cs" /> <Compile Include="src\pkcs\PrivateKeyInfoFactory.cs" /> <Compile Include="src\pkcs\X509CertificateEntry.cs" /> <Compile Include="src\pkix\CertStatus.cs" /> @@ -1509,6 +1556,8 @@ <Compile Include="src\util\io\BaseInputStream.cs" /> <Compile Include="src\util\io\BaseOutputStream.cs" /> <Compile Include="src\util\io\FilterStream.cs" /> + <Compile Include="src\util\io\MemoryInputStream.cs" /> + <Compile Include="src\util\io\MemoryOutputStream.cs" /> <Compile Include="src\util\io\NullOutputStream.cs" /> <Compile Include="src\util\io\PushbackStream.cs" /> <Compile Include="src\util\io\StreamOverflowException.cs" /> diff --git a/crypto/BouncyCastle.iOS.csproj b/crypto/BouncyCastle.iOS.csproj index 3208fbce7..a90f01785 100644 --- a/crypto/BouncyCastle.iOS.csproj +++ b/crypto/BouncyCastle.iOS.csproj @@ -557,6 +557,15 @@ <Compile Include="src\bcpg\sig\SignatureExpirationTime.cs" /> <Compile Include="src\bcpg\sig\SignerUserId.cs" /> <Compile Include="src\bcpg\sig\TrustSignature.cs" /> + <Compile Include="src\cmp\CertificateConfirmationContent.cs" /> + <Compile Include="src\cmp\CertificateConfirmationContentBuilder.cs" /> + <Compile Include="src\cmp\CertificateStatus.cs" /> + <Compile Include="src\cmp\CmpException.cs" /> + <Compile Include="src\cmp\GeneralPkiMessage.cs" /> + <Compile Include="src\cmp\ProtectedPkiMessage.cs" /> + <Compile Include="src\cmp\ProtectedPkiMessageBuilder.cs" /> + <Compile Include="src\cmp\RevocationDetails.cs" /> + <Compile Include="src\cmp\RevocationDetailsBuilder.cs" /> <Compile Include="src\cms\BaseDigestCalculator.cs" /> <Compile Include="src\cms\CMSAttributeTableGenerationException.cs" /> <Compile Include="src\cms\CMSAttributeTableGenerator.cs" /> @@ -598,6 +607,7 @@ <Compile Include="src\cms\CounterSignatureDigestCalculator.cs" /> <Compile Include="src\cms\DefaultAuthenticatedAttributeTableGenerator.cs" /> <Compile Include="src\cms\DefaultSignedAttributeTableGenerator.cs" /> + <Compile Include="src\cms\EnvelopedDataHelper.cs" /> <Compile Include="src\cms\IDigestCalculator.cs" /> <Compile Include="src\cms\KEKRecipientInfoGenerator.cs" /> <Compile Include="src\cms\KEKRecipientInformation.cs" /> @@ -621,6 +631,20 @@ <Compile Include="src\cms\SignerInformation.cs" /> <Compile Include="src\cms\SignerInformationStore.cs" /> <Compile Include="src\cms\SimpleAttributeTableGenerator.cs" /> + <Compile Include="src\crmf\AuthenticatorControl.cs" /> + <Compile Include="src\crmf\CertificateRequestMessage.cs" /> + <Compile Include="src\crmf\CertificateRequestMessageBuilder.cs" /> + <Compile Include="src\crmf\CrmfException.cs" /> + <Compile Include="src\crmf\DefaultPKMacPrimitivesProvider.cs" /> + <Compile Include="src\crmf\EncryptedValueBuilder.cs" /> + <Compile Include="src\crmf\IControl.cs" /> + <Compile Include="src\crmf\IEncryptedValuePadder.cs" /> + <Compile Include="src\crmf\IPKMacPrimitivesProvider.cs" /> + <Compile Include="src\crmf\PkiArchiveControl.cs" /> + <Compile Include="src\crmf\PkiArchiveControlBuilder.cs" /> + <Compile Include="src\crmf\PKMacBuilder.cs" /> + <Compile Include="src\crmf\ProofOfPossessionSigningKeyBuilder.cs" /> + <Compile Include="src\crmf\RegTokenControl.cs" /> <Compile Include="src\crypto\AsymmetricCipherKeyPair.cs" /> <Compile Include="src\crypto\AsymmetricKeyParameter.cs" /> <Compile Include="src\crypto\BufferedAeadBlockCipher.cs" /> @@ -645,15 +669,22 @@ <Compile Include="src\crypto\IBlockCipher.cs" /> <Compile Include="src\crypto\IBlockResult.cs" /> <Compile Include="src\crypto\IBufferedCipher.cs" /> + <Compile Include="src\crypto\ICipher.cs" /> + <Compile Include="src\crypto\ICipherBuilder.cs" /> + <Compile Include="src\crypto\ICipherBuilderWithKey.cs" /> <Compile Include="src\crypto\ICipherParameters.cs" /> - <Compile Include="src\crypto\IDSA.cs" /> - <Compile Include="src\crypto\IDsaExt.cs" /> + <Compile Include="src\crypto\IDecryptorBuilderProvider.cs" /> <Compile Include="src\crypto\IDerivationFunction.cs" /> <Compile Include="src\crypto\IDerivationParameters.cs" /> <Compile Include="src\crypto\IDigest.cs" /> + <Compile Include="src\crypto\IDSA.cs" /> + <Compile Include="src\crypto\IDsaExt.cs" /> <Compile Include="src\crypto\IEntropySource.cs" /> <Compile Include="src\crypto\IEntropySourceProvider.cs" /> + <Compile Include="src\crypto\IKeyUnwrapper.cs" /> + <Compile Include="src\crypto\IKeyWrapper.cs" /> <Compile Include="src\crypto\IMac.cs" /> + <Compile Include="src\crypto\IMacFactory.cs" /> <Compile Include="src\crypto\IRawAgreement.cs" /> <Compile Include="src\crypto\IRsa.cs" /> <Compile Include="src\crypto\ISignatureFactory.cs" /> @@ -672,20 +703,8 @@ <Compile Include="src\crypto\OutputLengthException.cs" /> <Compile Include="src\crypto\parameters\HKDFParameters.cs" /> <Compile Include="src\crypto\PbeParametersGenerator.cs" /> - <Compile Include="src\crypto\prng\BasicEntropySourceProvider.cs" /> - <Compile Include="src\crypto\prng\CryptoApiEntropySourceProvider.cs" /> - <Compile Include="src\crypto\prng\drbg\CtrSP800Drbg.cs" /> - <Compile Include="src\crypto\prng\drbg\DrbgUtilities.cs" /> - <Compile Include="src\crypto\prng\drbg\HashSP800Drbg.cs" /> - <Compile Include="src\crypto\prng\drbg\HMacSP800Drbg.cs" /> - <Compile Include="src\crypto\prng\drbg\ISP80090Drbg.cs" /> - <Compile Include="src\crypto\prng\EntropyUtilities.cs" /> - <Compile Include="src\crypto\prng\IDrbgProvider.cs" /> - <Compile Include="src\crypto\prng\SP800SecureRandom.cs" /> - <Compile Include="src\crypto\prng\SP800SecureRandomBuilder.cs" /> - <Compile Include="src\crypto\prng\X931Rng.cs" /> - <Compile Include="src\crypto\prng\X931SecureRandom.cs" /> - <Compile Include="src\crypto\prng\X931SecureRandomBuilder.cs" /> + <Compile Include="src\crypto\Security.cs" /> + <Compile Include="src\crypto\SimpleBlockResult.cs" /> <Compile Include="src\crypto\StreamBlockCipher.cs" /> <Compile Include="src\crypto\agreement\DHAgreement.cs" /> <Compile Include="src\crypto\agreement\DHBasicAgreement.cs" /> @@ -877,11 +896,16 @@ <Compile Include="src\crypto\modes\gcm\Tables1kGcmExponentiator.cs" /> <Compile Include="src\crypto\modes\gcm\Tables64kGcmMultiplier.cs" /> <Compile Include="src\crypto\modes\gcm\Tables8kGcmMultiplier.cs" /> + <Compile Include="src\crypto\operators\Asn1CipherBuilder.cs" /> + <Compile Include="src\crypto\operators\Asn1KeyWrapper.cs" /> <Compile Include="src\crypto\operators\Asn1Signature.cs" /> + <Compile Include="src\crypto\operators\CmsContentEncryptorBuilder.cs" /> + <Compile Include="src\crypto\operators\CmsKeyTransRecipientInfoGenerator.cs" /> <Compile Include="src\crypto\operators\DefaultSignatureCalculator.cs" /> <Compile Include="src\crypto\operators\DefaultSignatureResult.cs" /> <Compile Include="src\crypto\operators\DefaultVerifierCalculator.cs" /> <Compile Include="src\crypto\operators\DefaultVerifierResult.cs" /> + <Compile Include="src\crypto\operators\GenericKey.cs" /> <Compile Include="src\crypto\paddings\BlockCipherPadding.cs" /> <Compile Include="src\crypto\paddings\ISO10126d2Padding.cs" /> <Compile Include="src\crypto\paddings\ISO7816d4Padding.cs" /> @@ -908,8 +932,10 @@ <Compile Include="src\crypto\parameters\DsaPublicKeyParameters.cs" /> <Compile Include="src\crypto\parameters\DsaValidationParameters.cs" /> <Compile Include="src\crypto\parameters\ECDomainParameters.cs" /> + <Compile Include="src\crypto\parameters\ECGOST3410Parameters.cs" /> <Compile Include="src\crypto\parameters\ECKeyGenerationParameters.cs" /> <Compile Include="src\crypto\parameters\ECKeyParameters.cs" /> + <Compile Include="src\crypto\parameters\ECNamedDomainParameters.cs" /> <Compile Include="src\crypto\parameters\ECPrivateKeyParameters.cs" /> <Compile Include="src\crypto\parameters\ECPublicKeyParameters.cs" /> <Compile Include="src\crypto\parameters\Ed25519KeyGenerationParameters.cs" /> @@ -962,12 +988,26 @@ <Compile Include="src\crypto\parameters\X448KeyGenerationParameters.cs" /> <Compile Include="src\crypto\parameters\X448PrivateKeyParameters.cs" /> <Compile Include="src\crypto\parameters\X448PublicKeyParameters.cs" /> + <Compile Include="src\crypto\prng\BasicEntropySourceProvider.cs" /> + <Compile Include="src\crypto\prng\CryptoApiEntropySourceProvider.cs" /> <Compile Include="src\crypto\prng\CryptoApiRandomGenerator.cs" /> <Compile Include="src\crypto\prng\DigestRandomGenerator.cs" /> + <Compile Include="src\crypto\prng\EntropyUtilities.cs" /> + <Compile Include="src\crypto\prng\IDrbgProvider.cs" /> <Compile Include="src\crypto\prng\IRandomGenerator.cs" /> <Compile Include="src\crypto\prng\ReversedWindowGenerator.cs" /> + <Compile Include="src\crypto\prng\SP800SecureRandom.cs" /> + <Compile Include="src\crypto\prng\SP800SecureRandomBuilder.cs" /> <Compile Include="src\crypto\prng\ThreadedSeedGenerator.cs" /> <Compile Include="src\crypto\prng\VMPCRandomGenerator.cs" /> + <Compile Include="src\crypto\prng\X931Rng.cs" /> + <Compile Include="src\crypto\prng\X931SecureRandom.cs" /> + <Compile Include="src\crypto\prng\X931SecureRandomBuilder.cs" /> + <Compile Include="src\crypto\prng\drbg\CtrSP800Drbg.cs" /> + <Compile Include="src\crypto\prng\drbg\DrbgUtilities.cs" /> + <Compile Include="src\crypto\prng\drbg\HashSP800Drbg.cs" /> + <Compile Include="src\crypto\prng\drbg\HMacSP800Drbg.cs" /> + <Compile Include="src\crypto\prng\drbg\ISP80090Drbg.cs" /> <Compile Include="src\crypto\signers\DsaDigestSigner.cs" /> <Compile Include="src\crypto\signers\DsaSigner.cs" /> <Compile Include="src\crypto\signers\ECDsaSigner.cs" /> @@ -1156,6 +1196,9 @@ <Compile Include="src\crypto\tls\UrlAndHash.cs" /> <Compile Include="src\crypto\tls\UseSrtpData.cs" /> <Compile Include="src\crypto\tls\UserMappingType.cs" /> + <Compile Include="src\crypto\util\AlgorithmIdentifierFactory.cs" /> + <Compile Include="src\crypto\util\CipherFactory.cs" /> + <Compile Include="src\crypto\util\CipherKeyGeneratorFactory.cs" /> <Compile Include="src\crypto\util\Pack.cs" /> <Compile Include="src\math\BigInteger.cs" /> <Compile Include="src\math\Primes.cs" /> @@ -1410,6 +1453,10 @@ <Compile Include="src\pkcs\Pkcs12Entry.cs" /> <Compile Include="src\pkcs\Pkcs12Store.cs" /> <Compile Include="src\pkcs\Pkcs12Utilities.cs" /> + <Compile Include="src\pkcs\Pkcs8EncryptedPrivateKeyInfo.cs" /> + <Compile Include="src\pkcs\Pkcs8EncryptedPrivateKeyInfoBuilder.cs" /> + <Compile Include="src\pkcs\PkcsException.cs" /> + <Compile Include="src\pkcs\PkcsIOException.cs" /> <Compile Include="src\pkcs\PrivateKeyInfoFactory.cs" /> <Compile Include="src\pkcs\X509CertificateEntry.cs" /> <Compile Include="src\pkix\CertStatus.cs" /> @@ -1510,6 +1557,8 @@ <Compile Include="src\util\io\BaseInputStream.cs" /> <Compile Include="src\util\io\BaseOutputStream.cs" /> <Compile Include="src\util\io\FilterStream.cs" /> + <Compile Include="src\util\io\MemoryInputStream.cs" /> + <Compile Include="src\util\io\MemoryOutputStream.cs" /> <Compile Include="src\util\io\NullOutputStream.cs" /> <Compile Include="src\util\io\PushbackStream.cs" /> <Compile Include="src\util\io\StreamOverflowException.cs" /> diff --git a/crypto/Readme.html b/crypto/Readme.html index 9491b7d98..96b380802 100644 --- a/crypto/Readme.html +++ b/crypto/Readme.html @@ -31,6 +31,8 @@ <a href="#mozTocId3413">Notes:</a> <ol> <li> + <a href="#mozTocId85319">Release 1.8.5</a> + <li> <a href="#mozTocId85318">Release 1.8.4</a> <li> <a href="#mozTocId85317">Release 1.8.3</a> @@ -296,11 +298,12 @@ We state, where EC MQV has not otherwise been disabled or removed: <hr style="WIDTH: 100%; HEIGHT: 2px"> <h3><a class="mozTocH3" name="mozTocId3413"></a>Notes:</h3> - <h4><a class="mozTocH4" name="mozTocId85318"></a>Release 1.8.5, 2019</h4> + <h4><a class="mozTocH4" name="mozTocId85319"></a>Release 1.8.5, TBD</h4> + <h5>Additional Features and Functionality</h5> <ul> - <li>Supported added for encoding and decoding of GOST3410-2012 keys</li> - <li>Basic support added for CMP (RFC 4210) and CRMF (RFC 4211), including the PKI archive control.</li> + <li>Supported added for encoding and decoding of GOST3410-2012 keys</li> + <li>Basic support added for CMP (RFC 4210) and CRMF (RFC 4211), including the PKI archive control.</li> </ul> <h4><a class="mozTocH4" name="mozTocId85318"></a>Release 1.8.4, Saturday October 27, 2018</h4> diff --git a/crypto/crypto.csproj b/crypto/crypto.csproj index b45530980..5b0fcbae4 100644 --- a/crypto/crypto.csproj +++ b/crypto/crypto.csproj @@ -2669,6 +2669,51 @@ BuildAction = "Compile" /> <File + RelPath = "src\cmp\CertificateConfirmationContent.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\cmp\CertificateConfirmationContentBuilder.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\cmp\CertificateStatus.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\cmp\CmpException.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\cmp\GeneralPkiMessage.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\cmp\ProtectedPkiMessage.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\cmp\ProtectedPkiMessageBuilder.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\cmp\RevocationDetails.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\cmp\RevocationDetailsBuilder.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\cms\BaseDigestCalculator.cs" SubType = "Code" BuildAction = "Compile" @@ -2874,6 +2919,11 @@ BuildAction = "Compile" /> <File + RelPath = "src\cms\EnvelopedDataHelper.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\cms\IDigestCalculator.cs" SubType = "Code" BuildAction = "Compile" @@ -2989,6 +3039,76 @@ BuildAction = "Compile" /> <File + RelPath = "src\crmf\AuthenticatorControl.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crmf\CertificateRequestMessage.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crmf\CertificateRequestMessageBuilder.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crmf\CrmfException.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crmf\DefaultPKMacPrimitivesProvider.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crmf\EncryptedValueBuilder.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crmf\IControl.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crmf\IEncryptedValuePadder.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crmf\IPKMacPrimitivesProvider.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crmf\PkiArchiveControl.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crmf\PkiArchiveControlBuilder.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crmf\PKMacBuilder.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crmf\ProofOfPossessionSigningKeyBuilder.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crmf\RegTokenControl.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\AsymmetricCipherKeyPair.cs" SubType = "Code" BuildAction = "Compile" @@ -3079,11 +3199,31 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\ICipher.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crypto\ICipherBuilder.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crypto\ICipherBuilderWithKey.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\ICipherParameters.cs" SubType = "Code" BuildAction = "Compile" /> <File + RelPath = "src\crypto\IDecryptorBuilderProvider.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\IDerivationFunction.cs" SubType = "Code" BuildAction = "Compile" @@ -3119,11 +3259,26 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\IKeyUnwrapper.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crypto\IKeyWrapper.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\IMac.cs" SubType = "Code" BuildAction = "Compile" /> <File + RelPath = "src\crypto\IMacFactory.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\InvalidCipherTextException.cs" SubType = "Code" BuildAction = "Compile" @@ -3209,6 +3364,16 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\Security.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crypto\SimpleBlockResult.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\StreamBlockCipher.cs" SubType = "Code" BuildAction = "Compile" @@ -4194,11 +4359,31 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\operators\Asn1CipherBuilder.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crypto\operators\Asn1KeyWrapper.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\operators\Asn1Signature.cs" SubType = "Code" BuildAction = "Compile" /> <File + RelPath = "src\crypto\operators\CmsContentEncryptorBuilder.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crypto\operators\CmsKeyTransRecipientInfoGenerator.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\operators\DefaultSignatureCalculator.cs" SubType = "Code" BuildAction = "Compile" @@ -4219,6 +4404,11 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\operators\GenericKey.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\paddings\BlockCipherPadding.cs" SubType = "Code" BuildAction = "Compile" @@ -4349,6 +4539,11 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\parameters\ECGOST3410Parameters.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\parameters\ECKeyGenerationParameters.cs" SubType = "Code" BuildAction = "Compile" @@ -4359,6 +4554,11 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\parameters\ECNamedDomainParameters.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\parameters\ECPrivateKeyParameters.cs" SubType = "Code" BuildAction = "Compile" @@ -5664,6 +5864,21 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\util\AlgorithmIdentifierFactory.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crypto\util\CipherFactory.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crypto\util\CipherKeyGeneratorFactory.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\util\Pack.cs" SubType = "Code" BuildAction = "Compile" @@ -6934,6 +7149,26 @@ BuildAction = "Compile" /> <File + RelPath = "src\pkcs\Pkcs8EncryptedPrivateKeyInfo.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\pkcs\Pkcs8EncryptedPrivateKeyInfoBuilder.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\pkcs\PkcsException.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\pkcs\PkcsIOException.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\pkcs\PrivateKeyInfoFactory.cs" SubType = "Code" BuildAction = "Compile" @@ -7439,6 +7674,16 @@ BuildAction = "Compile" /> <File + RelPath = "src\util\io\MemoryInputStream.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\util\io\MemoryOutputStream.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\util\io\NullOutputStream.cs" SubType = "Code" BuildAction = "Compile" @@ -11540,6 +11785,11 @@ BuildAction = "Compile" /> <File + RelPath = "test\src\cmp\test\ProtectedMessageTest.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "test\src\cms\test\AllTests.cs" SubType = "Code" BuildAction = "Compile" @@ -11605,6 +11855,11 @@ BuildAction = "Compile" /> <File + RelPath = "test\src\crmf\test\CrmfTest.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "test\src\crypto\agreement\test\AllTests.cs" SubType = "Code" BuildAction = "Compile" @@ -11845,6 +12100,11 @@ BuildAction = "Compile" /> <File + RelPath = "test\src\crypto\test\ECGOST3410_2012Test.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "test\src\crypto\test\ECIESTest.cs" SubType = "Code" BuildAction = "Compile" diff --git a/crypto/src/asn1/DerObjectIdentifier.cs b/crypto/src/asn1/DerObjectIdentifier.cs index 495260a68..1c8032f45 100644 --- a/crypto/src/asn1/DerObjectIdentifier.cs +++ b/crypto/src/asn1/DerObjectIdentifier.cs @@ -211,7 +211,7 @@ namespace Org.BouncyCastle.Asn1 } private static bool IsValidBranchID( - String branchID, int start) + string branchID, int start) { bool periodAllowed = false; diff --git a/crypto/src/asn1/bc/BCObjectIdentifiers.cs b/crypto/src/asn1/bc/BCObjectIdentifiers.cs index 4f23c101a..1e2448853 100644 --- a/crypto/src/asn1/bc/BCObjectIdentifiers.cs +++ b/crypto/src/asn1/bc/BCObjectIdentifiers.cs @@ -5,23 +5,20 @@ namespace Org.BouncyCastle.Asn1.BC public abstract class BCObjectIdentifiers { /** - * iso.org.dod.internet.private.enterprise.legion-of-the-bouncy-castle - *<p> - * 1.3.6.1.4.1.22554 + * iso.org.dod.internet.private.enterprise.legion-of-the-bouncy-castle + * <p>1.3.6.1.4.1.22554</p> */ public static readonly DerObjectIdentifier bc = new DerObjectIdentifier("1.3.6.1.4.1.22554"); /** * pbe(1) algorithms - * <p> - * 1.3.6.1.4.1.22554.1 + * <p>1.3.6.1.4.1.22554.1</p> */ public static readonly DerObjectIdentifier bc_pbe = bc.Branch("1"); /** * SHA-1(1) - * <p> - * 1.3.6.1.4.1.22554.1.1 + * <p>1.3.6.1.4.1.22554.1.1</p> */ public static readonly DerObjectIdentifier bc_pbe_sha1 = bc_pbe.Branch("1"); diff --git a/crypto/src/asn1/bsi/BsiObjectIdentifiers.cs b/crypto/src/asn1/bsi/BsiObjectIdentifiers.cs index 95a0d7b52..50ada2e02 100644 --- a/crypto/src/asn1/bsi/BsiObjectIdentifiers.cs +++ b/crypto/src/asn1/bsi/BsiObjectIdentifiers.cs @@ -79,23 +79,22 @@ namespace Org.BouncyCastle.Asn1.Bsi public static readonly DerObjectIdentifier ecka_eg_SessionKDF_AES192 = ecka_eg_SessionKDF.Branch("3"); public static readonly DerObjectIdentifier ecka_eg_SessionKDF_AES256 = ecka_eg_SessionKDF.Branch("4"); - /** AES encryption (CBC) and authentication (CMAC) + /* AES encryption (CBC) and authentication (CMAC) * OID: 0.4.0.127.0.7.1.x */ //TODO: replace "1" with correct OID //public static readonly DerObjectIdentifier aes_cbc_cmac = algorithm.Branch("1"); - /** AES encryption (CBC) and authentication (CMAC) with 128 bit + /* AES encryption (CBC) and authentication (CMAC) with 128 bit * OID: 0.4.0.127.0.7.1.x.y1 */ //TODO: replace "1" with correct OID //public static readonly DerObjectIdentifier id_aes128_CBC_CMAC = aes_cbc_cmac.Branch("1"); - - /** AES encryption (CBC) and authentication (CMAC) with 192 bit + /* AES encryption (CBC) and authentication (CMAC) with 192 bit * OID: 0.4.0.127.0.7.1.x.y2 */ //TODO: replace "1" with correct OID //public static readonly DerObjectIdentifier id_aes192_CBC_CMAC = aes_cbc_cmac.Branch("1"); - /** AES encryption (CBC) and authentication (CMAC) with 256 bit + /* AES encryption (CBC) and authentication (CMAC) with 256 bit * OID: 0.4.0.127.0.7.1.x.y3 */ //TODO: replace "1" with correct OID //public static readonly DerObjectIdentifier id_aes256_CBC_CMAC = aes_cbc_cmac.Branch("1"); diff --git a/crypto/src/asn1/crmf/AttributeTypeAndValue.cs b/crypto/src/asn1/crmf/AttributeTypeAndValue.cs index 0a4b5bdbe..e7587896a 100644 --- a/crypto/src/asn1/crmf/AttributeTypeAndValue.cs +++ b/crypto/src/asn1/crmf/AttributeTypeAndValue.cs @@ -28,7 +28,7 @@ namespace Org.BouncyCastle.Asn1.Crmf } public AttributeTypeAndValue( - String oid, + string oid, Asn1Encodable value) : this(new DerObjectIdentifier(oid), value) { diff --git a/crypto/src/asn1/crmf/Controls.cs b/crypto/src/asn1/crmf/Controls.cs index 5f132155a..70b48a959 100644 --- a/crypto/src/asn1/crmf/Controls.cs +++ b/crypto/src/asn1/crmf/Controls.cs @@ -1,8 +1,8 @@ -using Org.BouncyCastle.Utilities; -using System; -using System.Collections.Generic; +using System; using System.Text; +using Org.BouncyCastle.Utilities; + namespace Org.BouncyCastle.Asn1.Crmf { public class Controls diff --git a/crypto/src/cmp/CertificateConfirmationContent.cs b/crypto/src/cmp/CertificateConfirmationContent.cs index 13d1dab8e..ad46ca039 100644 --- a/crypto/src/cmp/CertificateConfirmationContent.cs +++ b/crypto/src/cmp/CertificateConfirmationContent.cs @@ -1,15 +1,14 @@ - -using Org.BouncyCastle.Cms; -using Org.BouncyCastle.Asn1.Cmp; +using System; +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Cms; namespace Org.BouncyCastle.Cmp { public class CertificateConfirmationContent { - private DefaultDigestAlgorithmIdentifierFinder digestAlgFinder; - private CertConfirmContent content; - + private readonly DefaultDigestAlgorithmIdentifierFinder digestAlgFinder; + private readonly CertConfirmContent content; public CertificateConfirmationContent(CertConfirmContent content) { @@ -38,6 +37,6 @@ namespace Org.BouncyCastle.Cmp } return ret; - } + } } } diff --git a/crypto/src/cmp/CertificateConfirmationContentBuilder.cs b/crypto/src/cmp/CertificateConfirmationContentBuilder.cs index 56f5d5ccb..611fa4449 100644 --- a/crypto/src/cmp/CertificateConfirmationContentBuilder.cs +++ b/crypto/src/cmp/CertificateConfirmationContentBuilder.cs @@ -1,4 +1,6 @@ -using System.Collections; +using System; +using System.Collections; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cmp; using Org.BouncyCastle.Asn1.X509; @@ -6,22 +8,24 @@ using Org.BouncyCastle.Cms; using Org.BouncyCastle.Crypto.IO; using Org.BouncyCastle.Math; using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; using Org.BouncyCastle.X509; namespace Org.BouncyCastle.Cmp { public class CertificateConfirmationContentBuilder { - DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder(); - private DefaultDigestAlgorithmIdentifierFinder digestAlgFinder; - private ArrayList acceptedCerts = new ArrayList(); - private ArrayList acceptedReqIds = new ArrayList(); + private static readonly DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder(); - public CertificateConfirmationContentBuilder() : this(new DefaultDigestAlgorithmIdentifierFinder()) - { + private readonly DefaultDigestAlgorithmIdentifierFinder digestAlgFinder; + private readonly IList acceptedCerts = Platform.CreateArrayList(); + private readonly IList acceptedReqIds = Platform.CreateArrayList(); + public CertificateConfirmationContentBuilder() + : this(new DefaultDigestAlgorithmIdentifierFinder()) + { } - + public CertificateConfirmationContentBuilder(DefaultDigestAlgorithmIdentifierFinder digestAlgFinder) { this.digestAlgFinder = digestAlgFinder; @@ -40,27 +44,19 @@ namespace Org.BouncyCastle.Cmp Asn1EncodableVector v = new Asn1EncodableVector(); for (int i = 0; i != acceptedCerts.Count; i++) { - X509Certificate cert = (X509Certificate) acceptedCerts[i]; - BigInteger reqId = (BigInteger) acceptedReqIds[i]; + X509Certificate cert = (X509Certificate)acceptedCerts[i]; + BigInteger reqId = (BigInteger)acceptedReqIds[i]; - - AlgorithmIdentifier algorithmIdentifier = sigAlgFinder.Find(cert.SigAlgName); + AlgorithmIdentifier algorithmIdentifier = sigAlgFinder.Find(cert.SigAlgName); AlgorithmIdentifier digAlg = digestAlgFinder.find(algorithmIdentifier); - if (digAlg == null) - { + if (null == digAlg) throw new CmpException("cannot find algorithm for digest from signature"); - } - - DigestSink sink = new DigestSink(DigestUtilities.GetDigest(digAlg.Algorithm)); - - sink.Write(cert.GetEncoded()); - byte[] dig = new byte[sink.Digest.GetDigestSize()]; - sink.Digest.DoFinal(dig, 0); + byte[] digest = DigestUtilities.CalculateDigest(digAlg.Algorithm, cert.GetEncoded()); - v.Add(new CertStatus(dig,reqId)); + v.Add(new CertStatus(digest, reqId)); } return new CertificateConfirmationContent(CertConfirmContent.GetInstance(new DerSequence(v)), diff --git a/crypto/src/cmp/CertificateStatus.cs b/crypto/src/cmp/CertificateStatus.cs index 92a94ea05..0f1d9af9b 100644 --- a/crypto/src/cmp/CertificateStatus.cs +++ b/crypto/src/cmp/CertificateStatus.cs @@ -1,4 +1,6 @@ -using Org.BouncyCastle.Asn1.Cmp; +using System; + +using Org.BouncyCastle.Asn1.Cmp; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Cms; using Org.BouncyCastle.Crypto.IO; @@ -11,9 +13,10 @@ namespace Org.BouncyCastle.Cmp { public class CertificateStatus { - private DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder(); - private DefaultDigestAlgorithmIdentifierFinder digestAlgFinder; - private CertStatus certStatus; + private static readonly DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder(); + + private readonly DefaultDigestAlgorithmIdentifierFinder digestAlgFinder; + private readonly CertStatus certStatus; public CertificateStatus(DefaultDigestAlgorithmIdentifierFinder digestAlgFinder, CertStatus certStatus) { @@ -21,10 +24,10 @@ namespace Org.BouncyCastle.Cmp this.certStatus = certStatus; } - public PkiStatusInfo PkiStatusInfo - { - get { return certStatus.StatusInfo; } - } + public PkiStatusInfo PkiStatusInfo + { + get { return certStatus.StatusInfo; } + } public BigInteger CertRequestId { @@ -33,19 +36,12 @@ namespace Org.BouncyCastle.Cmp public bool IsVerified(X509Certificate cert) { + AlgorithmIdentifier digAlg = digestAlgFinder.find(sigAlgFinder.Find(cert.SigAlgName)); + if (null == digAlg) + throw new CmpException("cannot find algorithm for digest from signature " + cert.SigAlgName); - AlgorithmIdentifier digAlg = digestAlgFinder.find( sigAlgFinder.Find(cert.SigAlgName)); - if (digAlg == null) - { - throw new CmpException("cannot find algorithm for digest from signature "+cert.SigAlgName); - } - - DigestSink digestSink = new DigestSink(DigestUtilities.GetDigest(digAlg.Algorithm)); - - digestSink.Write(cert.GetEncoded()); + byte[] digest = DigestUtilities.CalculateDigest(digAlg.Algorithm, cert.GetEncoded()); - byte[] digest = new byte[digestSink.Digest.GetDigestSize()]; - digestSink.Digest.DoFinal(digest, 0); return Arrays.ConstantTimeAreEqual(certStatus.CertHash.GetOctets(), digest); } } diff --git a/crypto/src/cmp/CmpException.cs b/crypto/src/cmp/CmpException.cs index 2f50f7780..6594e8f2a 100644 --- a/crypto/src/cmp/CmpException.cs +++ b/crypto/src/cmp/CmpException.cs @@ -1,24 +1,21 @@ using System; -using System.Runtime.Serialization; - namespace Org.BouncyCastle.Cmp { - public class CmpException : Exception + public class CmpException + : Exception { public CmpException() { } - public CmpException(string message) : base(message) - { - } - - public CmpException(string message, Exception innerException) : base(message, innerException) + public CmpException(string message) + : base(message) { } - protected CmpException(SerializationInfo info, StreamingContext context) : base(info, context) + public CmpException(string message, Exception innerException) + : base(message, innerException) { } } diff --git a/crypto/src/cmp/GeneralPkiMessage.cs b/crypto/src/cmp/GeneralPkiMessage.cs index ad55a8005..9b12ee77b 100644 --- a/crypto/src/cmp/GeneralPkiMessage.cs +++ b/crypto/src/cmp/GeneralPkiMessage.cs @@ -1,20 +1,24 @@ -namespace Org.BouncyCastle.Asn1.Cmp +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cmp; + +namespace Org.BouncyCastle.Cmp { - public class GeneralPKIMessage + public class GeneralPkiMessage { private readonly PkiMessage pkiMessage; - private static PkiMessage parseBytes(byte[] encoding) + private static PkiMessage ParseBytes(byte[] encoding) { return PkiMessage.GetInstance(Asn1Object.FromByteArray(encoding)); } - /// <summary> /// Wrap a PKIMessage ASN.1 structure. /// </summary> /// <param name="pkiMessage">PKI message.</param> - public GeneralPKIMessage(PkiMessage pkiMessage) + public GeneralPkiMessage(PkiMessage pkiMessage) { this.pkiMessage = pkiMessage; } @@ -23,24 +27,19 @@ /// Create a PKIMessage from the passed in bytes. /// </summary> /// <param name="encoding">BER/DER encoding of the PKIMessage</param> - public GeneralPKIMessage(byte[] encoding) : this(parseBytes(encoding)) + public GeneralPkiMessage(byte[] encoding) + : this(ParseBytes(encoding)) { } public PkiHeader Header { - get - { - return pkiMessage.Header; - } + get { return pkiMessage.Header; } } public PkiBody Body { - get - { - return pkiMessage.Body; - } + get { return pkiMessage.Body; } } /// <summary> diff --git a/crypto/src/cmp/ProtectedPkiMessage.cs b/crypto/src/cmp/ProtectedPkiMessage.cs index d3cf4a524..bb5b5dc14 100644 --- a/crypto/src/cmp/ProtectedPkiMessage.cs +++ b/crypto/src/cmp/ProtectedPkiMessage.cs @@ -1,12 +1,12 @@ -using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.X509; -using System; +using System; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crmf; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Utilities; - -using Org.BouncyCastle.Crmf; +using Org.BouncyCastle.X509; namespace Org.BouncyCastle.Cmp { @@ -15,20 +15,17 @@ namespace Org.BouncyCastle.Cmp /// </summary> public class ProtectedPkiMessage { - private PkiMessage pkiMessage; + private readonly PkiMessage pkiMessage; /// <summary> /// Wrap a general message. /// </summary> /// <exception cref="ArgumentException">If the general message does not have protection.</exception> /// <param name="pkiMessage">The General message</param> - public ProtectedPkiMessage(GeneralPKIMessage pkiMessage) + public ProtectedPkiMessage(GeneralPkiMessage pkiMessage) { - if (!pkiMessage.HasProtection) - { throw new ArgumentException("pki message not protected"); - } this.pkiMessage = pkiMessage.ToAsn1Structure(); } @@ -40,10 +37,8 @@ namespace Org.BouncyCastle.Cmp /// <param name="pkiMessage">The PKI message</param> public ProtectedPkiMessage(PkiMessage pkiMessage) { - if (pkiMessage.Header.ProtectionAlg == null) - { + if (null == pkiMessage.Header.ProtectionAlg) throw new ArgumentException("pki message not protected"); - } this.pkiMessage = pkiMessage; } @@ -51,25 +46,37 @@ namespace Org.BouncyCastle.Cmp /// <summary> /// Message header /// </summary> - public PkiHeader Header { get { return pkiMessage.Header; } } + public PkiHeader Header + { + get { return pkiMessage.Header; } + } /// <summary> /// Message Body /// </summary> - public PkiBody Body { get { return pkiMessage.Body; } } + public PkiBody Body + { + get { return pkiMessage.Body; } + } /// <summary> /// Return the underlying ASN.1 structure contained in this object. /// </summary> /// <returns>PKI Message structure</returns> - public PkiMessage ToAsn1Message() { return pkiMessage; } + public PkiMessage ToAsn1Message() + { + return pkiMessage; + } /// <summary> /// Determine whether the message is protected by a password based MAC. Use verify(PKMACBuilder, char[]) /// to verify the message if this method returns true. /// </summary> /// <returns>true if protection MAC PBE based, false otherwise.</returns> - public bool HasPasswordBasedMacProtected { get { return Header.ProtectionAlg.Algorithm.Equals(CmpObjectIdentifiers.passwordBasedMac); } } + public bool HasPasswordBasedMacProtected + { + get { return Header.ProtectionAlg.Algorithm.Equals(CmpObjectIdentifiers.passwordBasedMac); } + } /// <summary> /// Return the extra certificates associated with this message. @@ -78,11 +85,8 @@ namespace Org.BouncyCastle.Cmp public X509Certificate[] GetCertificates() { CmpCertificate[] certs = pkiMessage.GetExtraCerts(); - - if (certs == null) - { + if (null == certs) return new X509Certificate[0]; - } X509Certificate[] res = new X509Certificate[certs.Length]; for (int t = 0; t < certs.Length; t++) @@ -107,7 +111,7 @@ namespace Org.BouncyCastle.Cmp return result.IsVerified(pkiMessage.Protection.GetBytes()); } - private Object Process(IStreamCalculator streamCalculator) + private object Process(IStreamCalculator streamCalculator) { Asn1EncodableVector avec = new Asn1EncodableVector(); avec.Add(pkiMessage.Header); @@ -131,9 +135,7 @@ namespace Org.BouncyCastle.Cmp public bool Verify(PKMacBuilder pkMacBuilder, char[] password) { if (!CmpObjectIdentifiers.passwordBasedMac.Equals(pkiMessage.Header.ProtectionAlg.Algorithm)) - { throw new InvalidOperationException("protection algorithm is not mac based"); - } PbmParameter parameter = PbmParameter.GetInstance(pkiMessage.Header.ProtectionAlg.Parameters); diff --git a/crypto/src/cmp/ProtectedPkiMessageBuilder.cs b/crypto/src/cmp/ProtectedPkiMessageBuilder.cs index 3ee223ba8..8ce0d48dc 100644 --- a/crypto/src/cmp/ProtectedPkiMessageBuilder.cs +++ b/crypto/src/cmp/ProtectedPkiMessageBuilder.cs @@ -1,10 +1,12 @@ using System; using System.Collections; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cmp; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Utilities; using Org.BouncyCastle.X509; namespace Org.BouncyCastle.Cmp @@ -13,15 +15,14 @@ namespace Org.BouncyCastle.Cmp { private PkiHeaderBuilder hdrBuilBuilder; private PkiBody body; - private ArrayList generalInfos = new ArrayList(); - private ArrayList extraCerts = new ArrayList(); + private IList generalInfos = Platform.CreateArrayList(); + private IList extraCerts = Platform.CreateArrayList(); - public ProtectedPkiMessageBuilder(GeneralName sender, GeneralName recipient) : this(PkiHeader.CMP_2000, sender, - recipient) + public ProtectedPkiMessageBuilder(GeneralName sender, GeneralName recipient) + : this(PkiHeader.CMP_2000, sender, recipient) { } - public ProtectedPkiMessageBuilder(int pvno, GeneralName sender, GeneralName recipient) { hdrBuilBuilder = new PkiHeaderBuilder(pvno, sender, recipient); @@ -96,22 +97,21 @@ namespace Org.BouncyCastle.Cmp throw new ArgumentException("AlgorithmDetails is not AlgorithmIdentifier"); } - FinalizeHeader((AlgorithmIdentifier) signatureFactory.AlgorithmDetails); + FinalizeHeader((AlgorithmIdentifier)signatureFactory.AlgorithmDetails); PkiHeader header = hdrBuilBuilder.Build(); DerBitString protection = new DerBitString(CalculateSignature(calculator, header, body)); return FinalizeMessage(header, protection); } public ProtectedPkiMessage Build(IMacFactory factory) - { - IStreamCalculator calculator = factory.CreateCalculator(); - FinalizeHeader((AlgorithmIdentifier)factory.AlgorithmDetails); - PkiHeader header = hdrBuilBuilder.Build(); - DerBitString protection = new DerBitString(CalculateSignature(calculator, header, body)); - return FinalizeMessage(header, protection); + { + IStreamCalculator calculator = factory.CreateCalculator(); + FinalizeHeader((AlgorithmIdentifier)factory.AlgorithmDetails); + PkiHeader header = hdrBuilBuilder.Build(); + DerBitString protection = new DerBitString(CalculateSignature(calculator, header, body)); + return FinalizeMessage(header, protection); } - private void FinalizeHeader(AlgorithmIdentifier algorithmIdentifier) { hdrBuilBuilder.SetProtectionAlg(algorithmIdentifier); @@ -120,7 +120,7 @@ namespace Org.BouncyCastle.Cmp InfoTypeAndValue[] genInfos = new InfoTypeAndValue[generalInfos.Count]; for (int t = 0; t < genInfos.Length; t++) { - genInfos[t] = (InfoTypeAndValue) generalInfos[t]; + genInfos[t] = (InfoTypeAndValue)generalInfos[t]; } hdrBuilBuilder.SetGeneralInfo(genInfos); @@ -134,7 +134,7 @@ namespace Org.BouncyCastle.Cmp CmpCertificate[] cmpCertificates = new CmpCertificate[extraCerts.Count]; for (int i = 0; i < cmpCertificates.Length; i++) { - byte[] cert = ((X509Certificate) extraCerts[i]).GetEncoded(); + byte[] cert = ((X509Certificate)extraCerts[i]).GetEncoded(); cmpCertificates[i] = CmpCertificate.GetInstance((Asn1Sequence.FromByteArray(cert))); } @@ -151,7 +151,7 @@ namespace Org.BouncyCastle.Cmp avec.Add(body); byte[] encoded = new DerSequence(avec).GetEncoded(); signer.Stream.Write(encoded, 0, encoded.Length); - Object result = signer.GetResult(); + object result = signer.GetResult(); if (result is DefaultSignatureResult) { @@ -163,10 +163,10 @@ namespace Org.BouncyCastle.Cmp } else if (result is byte[]) { - return (byte[]) result; + return (byte[])result; } throw new InvalidOperationException("result is not byte[] or DefaultSignatureResult"); } } -} \ No newline at end of file +} diff --git a/crypto/src/cmp/RevocationDetails.cs b/crypto/src/cmp/RevocationDetails.cs index 6e1cb34c3..2d3f9a5eb 100644 --- a/crypto/src/cmp/RevocationDetails.cs +++ b/crypto/src/cmp/RevocationDetails.cs @@ -1,4 +1,6 @@ -using Org.BouncyCastle.Asn1.Cmp; +using System; + +using Org.BouncyCastle.Asn1.Cmp; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Math; @@ -6,7 +8,7 @@ namespace Org.BouncyCastle.Cmp { public class RevocationDetails { - private RevDetails revDetails; + private readonly RevDetails revDetails; public RevocationDetails(RevDetails revDetails) { @@ -25,10 +27,7 @@ namespace Org.BouncyCastle.Cmp public BigInteger SerialNumber { - get - { - return revDetails.CertDetails.SerialNumber.Value; // getCertDetails().getSerialNumber().getValue(); - } + get { return revDetails.CertDetails.SerialNumber.Value; } } public RevDetails ToASN1Structure() @@ -36,4 +35,4 @@ namespace Org.BouncyCastle.Cmp return revDetails; } } -} \ No newline at end of file +} diff --git a/crypto/src/cmp/RevocationDetailsBuilder.cs b/crypto/src/cmp/RevocationDetailsBuilder.cs index 464c0bb13..b3be01242 100644 --- a/crypto/src/cmp/RevocationDetailsBuilder.cs +++ b/crypto/src/cmp/RevocationDetailsBuilder.cs @@ -1,4 +1,6 @@ -using Org.BouncyCastle.Asn1; +using System; + +using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cmp; using Org.BouncyCastle.Asn1.Crmf; using Org.BouncyCastle.Asn1.X509; @@ -50,7 +52,7 @@ namespace Org.BouncyCastle.Cmp return this; } - public RevocationDetails build() + public RevocationDetails Build() { return new RevocationDetails(new RevDetails(_templateBuilder.Build())); } diff --git a/crypto/src/cms/CMSEnvelopedDataGenerator.cs b/crypto/src/cms/CMSEnvelopedDataGenerator.cs index 8ba41161e..c844ca6fa 100644 --- a/crypto/src/cms/CMSEnvelopedDataGenerator.cs +++ b/crypto/src/cms/CMSEnvelopedDataGenerator.cs @@ -158,7 +158,7 @@ namespace Org.BouncyCastle.Cms public CmsEnvelopedData Generate(CmsProcessable content, ICipherBuilderWithKey cipherBuilder) { - AlgorithmIdentifier encAlgId = null; + //AlgorithmIdentifier encAlgId = null; KeyParameter encKey; Asn1OctetString encContent; diff --git a/crypto/src/cms/CMSSignedGenerator.cs b/crypto/src/cms/CMSSignedGenerator.cs index 1ac9f39b7..c7bc4ea43 100644 --- a/crypto/src/cms/CMSSignedGenerator.cs +++ b/crypto/src/cms/CMSSignedGenerator.cs @@ -26,337 +26,328 @@ using Org.BouncyCastle.X509.Store; namespace Org.BouncyCastle.Cms { + public class DefaultSignatureAlgorithmIdentifierFinder + { + private static readonly IDictionary algorithms = Platform.CreateHashtable(); + private static readonly ISet noParams = new HashSet(); + private static readonly IDictionary _params = Platform.CreateHashtable(); + private static readonly ISet pkcs15RsaEncryption = new HashSet(); + private static readonly IDictionary digestOids = Platform.CreateHashtable(); + + private static readonly IDictionary digestBuilders = Platform.CreateHashtable(); - public class DefaultSignatureAlgorithmIdentifierFinder + private static readonly DerObjectIdentifier ENCRYPTION_RSA = PkcsObjectIdentifiers.RsaEncryption; + private static readonly DerObjectIdentifier ENCRYPTION_DSA = X9ObjectIdentifiers.IdDsaWithSha1; + private static readonly DerObjectIdentifier ENCRYPTION_ECDSA = X9ObjectIdentifiers.ECDsaWithSha1; + private static readonly DerObjectIdentifier ENCRYPTION_RSA_PSS = PkcsObjectIdentifiers.IdRsassaPss; + private static readonly DerObjectIdentifier ENCRYPTION_GOST3410 = CryptoProObjectIdentifiers.GostR3410x94; + private static readonly DerObjectIdentifier ENCRYPTION_ECGOST3410 = CryptoProObjectIdentifiers.GostR3410x2001; + private static readonly DerObjectIdentifier ENCRYPTION_ECGOST3410_2012_256 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256; + private static readonly DerObjectIdentifier ENCRYPTION_ECGOST3410_2012_512 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512; + + static DefaultSignatureAlgorithmIdentifierFinder() { - private static readonly IDictionary algorithms = Platform.CreateHashtable(); - private static readonly ISet noParams = new HashSet(); - private static readonly IDictionary _params = Platform.CreateHashtable(); - private static readonly ISet pkcs15RsaEncryption = new HashSet(); - private static readonly IDictionary digestOids = Platform.CreateHashtable(); + algorithms["MD2WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.MD2WithRsaEncryption; + algorithms["MD2WITHRSA"] = PkcsObjectIdentifiers.MD2WithRsaEncryption; + algorithms["MD5WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.MD5WithRsaEncryption; + algorithms["MD5WITHRSA"] = PkcsObjectIdentifiers.MD5WithRsaEncryption; + algorithms["SHA1WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption; + algorithms["SHA1WITHRSA"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption; + algorithms["SHA-1WITHRSA"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption; + algorithms["SHA224WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption; + algorithms["SHA224WITHRSA"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption; + algorithms["SHA256WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption; + algorithms["SHA256WITHRSA"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption; + algorithms["SHA384WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption; + algorithms["SHA384WITHRSA"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption; + algorithms["SHA512WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption; + algorithms["SHA512WITHRSA"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption; + algorithms["SHA1WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA224WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA256WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA384WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA512WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA3-224WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA3-256WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA3-384WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA3-512WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["RIPEMD160WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160; + algorithms["RIPEMD160WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160; + algorithms["RIPEMD128WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128; + algorithms["RIPEMD128WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128; + algorithms["RIPEMD256WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256; + algorithms["RIPEMD256WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256; + algorithms["SHA1WITHDSA"] = X9ObjectIdentifiers.IdDsaWithSha1; + algorithms["SHA-1WITHDSA"] = X9ObjectIdentifiers.IdDsaWithSha1; + algorithms["DSAWITHSHA1"] = X9ObjectIdentifiers.IdDsaWithSha1; + algorithms["SHA224WITHDSA"] = NistObjectIdentifiers.DsaWithSha224; + algorithms["SHA256WITHDSA"] = NistObjectIdentifiers.DsaWithSha256; + algorithms["SHA384WITHDSA"] = NistObjectIdentifiers.DsaWithSha384; + algorithms["SHA512WITHDSA"] = NistObjectIdentifiers.DsaWithSha512; + algorithms["SHA3-224WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_224; // id_dsa_with_sha3_224; + algorithms["SHA3-256WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_256; //id_dsa_with_sha3_256; + algorithms["SHA3-384WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_384; //id_dsa_with_sha3_384; + algorithms["SHA3-512WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_512; //id_dsa_with_sha3_512; + algorithms["SHA3-224WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_224;// id_ecdsa_with_sha3_224; + algorithms["SHA3-256WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_256;//id_ecdsa_with_sha3_256; + algorithms["SHA3-384WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_384;//id_ecdsa_with_sha3_384; + algorithms["SHA3-512WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_512;//id_ecdsa_with_sha3_512; + algorithms["SHA3-224WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224;// id_rsassa_pkcs1_v1_5_with_sha3_224; + algorithms["SHA3-256WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256;// id_rsassa_pkcs1_v1_5_with_sha3_256; + algorithms["SHA3-384WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384;// id_rsassa_pkcs1_v1_5_with_sha3_384; + algorithms["SHA3-512WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512;// id_rsassa_pkcs1_v1_5_with_sha3_512; + algorithms["SHA3-224WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224;// id_rsassa_pkcs1_v1_5_with_sha3_224; + algorithms["SHA3-256WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256;// id_rsassa_pkcs1_v1_5_with_sha3_256; + algorithms["SHA3-384WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384; //id_rsassa_pkcs1_v1_5_with_sha3_384; + algorithms["SHA3-512WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512; // id_rsassa_pkcs1_v1_5_with_sha3_512; + algorithms["SHA1WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha1; + algorithms["ECDSAWITHSHA1"] = X9ObjectIdentifiers.ECDsaWithSha1; + algorithms["SHA224WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha224; + algorithms["SHA256WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha224; + algorithms["SHA384WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha384; + algorithms["SHA512WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha256; + + + algorithms["GOST3411WITHGOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94; + algorithms["GOST3411WITHGOST3410-94"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94; + algorithms["GOST3411WITHECGOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001; + algorithms["GOST3411WITHECGOST3410-2001"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001; + algorithms["GOST3411WITHGOST3410-2001"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001; + algorithms["GOST3411WITHECGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; + algorithms["GOST3411WITHECGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; + algorithms["GOST3411WITHGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; + algorithms["GOST3411WITHGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; + algorithms["GOST3411-2012-256WITHECGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; + algorithms["GOST3411-2012-512WITHECGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; + algorithms["GOST3411-2012-256WITHGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; + algorithms["GOST3411-2012-512WITHGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; + algorithms["SHA1WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA1; + algorithms["SHA224WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA224; + algorithms["SHA256WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA256; + algorithms["SHA384WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA384; + algorithms["SHA512WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA512; + algorithms["RIPEMD160WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_RIPEMD160; + algorithms["SHA1WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_1; + algorithms["SHA224WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_224; + algorithms["SHA256WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_256; + algorithms["SHA384WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_384; + algorithms["SHA512WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_512; + algorithms["SHA3-512WITHSPHINCS256"] = BCObjectIdentifiers.sphincs256_with_SHA3_512; + algorithms["SHA512WITHSPHINCS256"] = BCObjectIdentifiers.sphincs256_with_SHA512; + algorithms["SM3WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sm3; + + algorithms["SHA256WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHA256; + algorithms["SHA512WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHA512; + algorithms["SHAKE128WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHAKE128; + algorithms["SHAKE256WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHAKE256; + + algorithms["SHA256WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHA256; + algorithms["SHA512WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHA512; + algorithms["SHAKE128WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHAKE128; + algorithms["SHAKE256WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHAKE256; - private static readonly IDictionary digestBuilders = Platform.CreateHashtable(); + // + // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. + // The parameters field SHALL be NULL for RSA based signature algorithms. + // + noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha1); + noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha224); + noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha256); + noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha384); + noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha512); + noParams.Add((object)X9ObjectIdentifiers.IdDsaWithSha1); + noParams.Add((object)NistObjectIdentifiers.DsaWithSha224); + noParams.Add((object)NistObjectIdentifiers.DsaWithSha256); + noParams.Add((object)NistObjectIdentifiers.DsaWithSha384); + noParams.Add((object)NistObjectIdentifiers.DsaWithSha512); + noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_224); + noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_256); + noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_384); + noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_512); + noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_224); + noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_256); + noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_384); + noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_512); - private static readonly DerObjectIdentifier ENCRYPTION_RSA = PkcsObjectIdentifiers.RsaEncryption; - private static readonly DerObjectIdentifier ENCRYPTION_DSA = X9ObjectIdentifiers.IdDsaWithSha1; - private static readonly DerObjectIdentifier ENCRYPTION_ECDSA = X9ObjectIdentifiers.ECDsaWithSha1; - private static readonly DerObjectIdentifier ENCRYPTION_RSA_PSS = PkcsObjectIdentifiers.IdRsassaPss; - private static readonly DerObjectIdentifier ENCRYPTION_GOST3410 = CryptoProObjectIdentifiers.GostR3410x94; - private static readonly DerObjectIdentifier ENCRYPTION_ECGOST3410 = CryptoProObjectIdentifiers.GostR3410x2001; - private static readonly DerObjectIdentifier ENCRYPTION_ECGOST3410_2012_256 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256; - private static readonly DerObjectIdentifier ENCRYPTION_ECGOST3410_2012_512 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512; + // + // RFC 4491 + // + noParams.Add((object)CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); + noParams.Add((object)CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); + noParams.Add((object)RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256); + noParams.Add((object)RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512); - static DefaultSignatureAlgorithmIdentifierFinder() - { - algorithms["MD2WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.MD2WithRsaEncryption; - algorithms["MD2WITHRSA"] = PkcsObjectIdentifiers.MD2WithRsaEncryption; - algorithms["MD5WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.MD5WithRsaEncryption; - algorithms["MD5WITHRSA"] = PkcsObjectIdentifiers.MD5WithRsaEncryption; - algorithms["SHA1WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption; - algorithms["SHA1WITHRSA"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption; - algorithms["SHA-1WITHRSA"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption; - algorithms["SHA224WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption; - algorithms["SHA224WITHRSA"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption; - algorithms["SHA256WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption; - algorithms["SHA256WITHRSA"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption; - algorithms["SHA384WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption; - algorithms["SHA384WITHRSA"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption; - algorithms["SHA512WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption; - algorithms["SHA512WITHRSA"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption; - algorithms["SHA1WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; - algorithms["SHA224WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; - algorithms["SHA256WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; - algorithms["SHA384WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; - algorithms["SHA512WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; - algorithms["SHA3-224WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; - algorithms["SHA3-256WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; - algorithms["SHA3-384WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; - algorithms["SHA3-512WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; - algorithms["RIPEMD160WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160; - algorithms["RIPEMD160WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160; - algorithms["RIPEMD128WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128; - algorithms["RIPEMD128WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128; - algorithms["RIPEMD256WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256; - algorithms["RIPEMD256WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256; - algorithms["SHA1WITHDSA"] = X9ObjectIdentifiers.IdDsaWithSha1; - algorithms["SHA-1WITHDSA"] = X9ObjectIdentifiers.IdDsaWithSha1; - algorithms["DSAWITHSHA1"] = X9ObjectIdentifiers.IdDsaWithSha1; - algorithms["SHA224WITHDSA"] = NistObjectIdentifiers.DsaWithSha224; - algorithms["SHA256WITHDSA"] = NistObjectIdentifiers.DsaWithSha256; - algorithms["SHA384WITHDSA"] = NistObjectIdentifiers.DsaWithSha384; - algorithms["SHA512WITHDSA"] = NistObjectIdentifiers.DsaWithSha512; - algorithms["SHA3-224WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_224; // id_dsa_with_sha3_224; - algorithms["SHA3-256WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_256; //id_dsa_with_sha3_256; - algorithms["SHA3-384WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_384; //id_dsa_with_sha3_384; - algorithms["SHA3-512WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_512; //id_dsa_with_sha3_512; - algorithms["SHA3-224WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_224;// id_ecdsa_with_sha3_224; - algorithms["SHA3-256WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_256;//id_ecdsa_with_sha3_256; - algorithms["SHA3-384WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_384;//id_ecdsa_with_sha3_384; - algorithms["SHA3-512WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_512;//id_ecdsa_with_sha3_512; - algorithms["SHA3-224WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224;// id_rsassa_pkcs1_v1_5_with_sha3_224; - algorithms["SHA3-256WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256;// id_rsassa_pkcs1_v1_5_with_sha3_256; - algorithms["SHA3-384WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384;// id_rsassa_pkcs1_v1_5_with_sha3_384; - algorithms["SHA3-512WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512;// id_rsassa_pkcs1_v1_5_with_sha3_512; - algorithms["SHA3-224WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224;// id_rsassa_pkcs1_v1_5_with_sha3_224; - algorithms["SHA3-256WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256;// id_rsassa_pkcs1_v1_5_with_sha3_256; - algorithms["SHA3-384WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384; //id_rsassa_pkcs1_v1_5_with_sha3_384; - algorithms["SHA3-512WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512; // id_rsassa_pkcs1_v1_5_with_sha3_512; - algorithms["SHA1WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha1; - algorithms["ECDSAWITHSHA1"] = X9ObjectIdentifiers.ECDsaWithSha1; - algorithms["SHA224WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha224; - algorithms["SHA256WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha224; - algorithms["SHA384WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha384; - algorithms["SHA512WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha256; - - - algorithms["GOST3411WITHGOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94; - algorithms["GOST3411WITHGOST3410-94"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94; - algorithms["GOST3411WITHECGOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001; - algorithms["GOST3411WITHECGOST3410-2001"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001; - algorithms["GOST3411WITHGOST3410-2001"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001; - algorithms["GOST3411WITHECGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; - algorithms["GOST3411WITHECGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; - algorithms["GOST3411WITHGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; - algorithms["GOST3411WITHGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; - algorithms["GOST3411-2012-256WITHECGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; - algorithms["GOST3411-2012-512WITHECGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; - algorithms["GOST3411-2012-256WITHGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; - algorithms["GOST3411-2012-512WITHGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; - algorithms["SHA1WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA1; - algorithms["SHA224WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA224; - algorithms["SHA256WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA256; - algorithms["SHA384WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA384; - algorithms["SHA512WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA512; - algorithms["RIPEMD160WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_RIPEMD160; - algorithms["SHA1WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_1; - algorithms["SHA224WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_224; - algorithms["SHA256WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_256; - algorithms["SHA384WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_384; - algorithms["SHA512WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_512; - algorithms["SHA3-512WITHSPHINCS256"] = BCObjectIdentifiers.sphincs256_with_SHA3_512; - algorithms["SHA512WITHSPHINCS256"] = BCObjectIdentifiers.sphincs256_with_SHA512; - algorithms["SM3WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sm3; - - algorithms["SHA256WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHA256; - algorithms["SHA512WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHA512; - algorithms["SHAKE128WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHAKE128; - algorithms["SHAKE256WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHAKE256; - - algorithms["SHA256WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHA256; - algorithms["SHA512WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHA512; - algorithms["SHAKE128WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHAKE128; - algorithms["SHAKE256WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHAKE256; - - - // - // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. - // The parameters field SHALL be NULL for RSA based signature algorithms. - // - noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha1); - noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha224); - noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha256); - noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha384); - noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha512); - noParams.Add((object)X9ObjectIdentifiers.IdDsaWithSha1); - noParams.Add((object)NistObjectIdentifiers.DsaWithSha224); - noParams.Add((object)NistObjectIdentifiers.DsaWithSha256); - noParams.Add((object)NistObjectIdentifiers.DsaWithSha384); - noParams.Add((object)NistObjectIdentifiers.DsaWithSha512); - noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_224); - noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_256); - noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_384); - noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_512); - noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_224); - noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_256); - noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_384); - noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_512); - - - // - // RFC 4491 - // - noParams.Add((object)CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); - noParams.Add((object)CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); - noParams.Add((object)RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256); - noParams.Add((object)RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512); - - // - // SPHINCS-256 - // - noParams.Add((object)BCObjectIdentifiers.sphincs256_with_SHA512); - noParams.Add((object)BCObjectIdentifiers.sphincs256_with_SHA3_512); - - // - // XMSS - // - noParams.Add((object)BCObjectIdentifiers.xmss_with_SHA256); - noParams.Add((object)BCObjectIdentifiers.xmss_with_SHA512); - noParams.Add((object)BCObjectIdentifiers.xmss_with_SHAKE128); - noParams.Add((object)BCObjectIdentifiers.xmss_with_SHAKE256); - noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHA256); - noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHA512); - noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHAKE128); - noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHAKE256); - - // - // SM2 - // - noParams.Add((object)GMObjectIdentifiers.sm2sign_with_sm3); - - // - // PKCS 1.5 encrypted algorithms - // - pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha1WithRsaEncryption); - pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha224WithRsaEncryption); - pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha256WithRsaEncryption); - pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha384WithRsaEncryption); - pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha512WithRsaEncryption); - pkcs15RsaEncryption.Add((object)TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); - pkcs15RsaEncryption.Add((object)TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); - pkcs15RsaEncryption.Add((object)TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); - pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224); - pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256); - pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384); - pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512); - - // - // explicit params - // - AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance); - _params["SHA1WITHRSAANDMGF1"] = CreatePssParams(sha1AlgId, 20); - - AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance); - _params["SHA224WITHRSAANDMGF1"] = CreatePssParams(sha224AlgId, 28); - - AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance); - _params["SHA256WITHRSAANDMGF1"] = CreatePssParams(sha256AlgId, 32); - - AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance); - _params["SHA384WITHRSAANDMGF1"] = CreatePssParams(sha384AlgId, 48); - - AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance); - _params["SHA512WITHRSAANDMGF1"] = CreatePssParams(sha512AlgId, 64); - - AlgorithmIdentifier sha3_224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_224, DerNull.Instance); - _params["SHA3-224WITHRSAANDMGF1"] = CreatePssParams(sha3_224AlgId, 28); - - AlgorithmIdentifier sha3_256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_256, DerNull.Instance); - _params["SHA3-256WITHRSAANDMGF1"] = CreatePssParams(sha3_256AlgId, 32); - - AlgorithmIdentifier sha3_384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_384, DerNull.Instance); - _params["SHA3-384WITHRSAANDMGF1"] = CreatePssParams(sha3_384AlgId, 48); - - AlgorithmIdentifier sha3_512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_512, DerNull.Instance); - _params["SHA3-512WITHRSAANDMGF1"] = CreatePssParams(sha3_512AlgId, 64); - - // - // digests - // - digestOids[PkcsObjectIdentifiers.Sha224WithRsaEncryption] = NistObjectIdentifiers.IdSha224; - digestOids[PkcsObjectIdentifiers.Sha256WithRsaEncryption] = NistObjectIdentifiers.IdSha256; - digestOids[PkcsObjectIdentifiers.Sha384WithRsaEncryption] = NistObjectIdentifiers.IdSha384; - digestOids[PkcsObjectIdentifiers.Sha512WithRsaEncryption] = NistObjectIdentifiers.IdSha512; - digestOids[NistObjectIdentifiers.DsaWithSha224] = NistObjectIdentifiers.IdSha224; - digestOids[NistObjectIdentifiers.DsaWithSha224] = NistObjectIdentifiers.IdSha256; - digestOids[NistObjectIdentifiers.DsaWithSha224] = NistObjectIdentifiers.IdSha384; - digestOids[NistObjectIdentifiers.DsaWithSha224] = NistObjectIdentifiers.IdSha512; - digestOids[NistObjectIdentifiers.IdDsaWithSha3_224] = NistObjectIdentifiers.IdSha3_224; - digestOids[NistObjectIdentifiers.IdDsaWithSha3_256] = NistObjectIdentifiers.IdSha3_256; - digestOids[NistObjectIdentifiers.IdDsaWithSha3_384] = NistObjectIdentifiers.IdSha3_384; - digestOids[NistObjectIdentifiers.IdDsaWithSha3_512] = NistObjectIdentifiers.IdSha3_512; - digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_224] = NistObjectIdentifiers.IdSha3_224; - digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_256] = NistObjectIdentifiers.IdSha3_256; - digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_384] = NistObjectIdentifiers.IdSha3_384; - digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_512] = NistObjectIdentifiers.IdSha3_512; - digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224] = NistObjectIdentifiers.IdSha3_224; - digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256] = NistObjectIdentifiers.IdSha3_256; - digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384] = NistObjectIdentifiers.IdSha3_384; - digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512] = NistObjectIdentifiers.IdSha3_512; - - digestOids[PkcsObjectIdentifiers.MD2WithRsaEncryption] = PkcsObjectIdentifiers.MD2; - digestOids[PkcsObjectIdentifiers.MD4WithRsaEncryption] = PkcsObjectIdentifiers.MD4; - digestOids[PkcsObjectIdentifiers.MD5WithRsaEncryption] = PkcsObjectIdentifiers.MD5; - digestOids[PkcsObjectIdentifiers.Sha1WithRsaEncryption] = OiwObjectIdentifiers.IdSha1; - digestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128] = TeleTrusTObjectIdentifiers.RipeMD128; - digestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160] = TeleTrusTObjectIdentifiers.RipeMD160; - digestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256] = TeleTrusTObjectIdentifiers.RipeMD256; - digestOids[CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94] = CryptoProObjectIdentifiers.GostR3411; - digestOids[CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001] = CryptoProObjectIdentifiers.GostR3411; - digestOids[RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256] = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256; - digestOids[RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512] = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512; - digestOids[GMObjectIdentifiers.sm2sign_with_sm3] = GMObjectIdentifiers.sm3; + // + // SPHINCS-256 + // + noParams.Add((object)BCObjectIdentifiers.sphincs256_with_SHA512); + noParams.Add((object)BCObjectIdentifiers.sphincs256_with_SHA3_512); - } + // + // XMSS + // + noParams.Add((object)BCObjectIdentifiers.xmss_with_SHA256); + noParams.Add((object)BCObjectIdentifiers.xmss_with_SHA512); + noParams.Add((object)BCObjectIdentifiers.xmss_with_SHAKE128); + noParams.Add((object)BCObjectIdentifiers.xmss_with_SHAKE256); + noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHA256); + noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHA512); + noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHAKE128); + noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHAKE256); - private static AlgorithmIdentifier Generate(string signatureAlgorithm) - { - AlgorithmIdentifier sigAlgId; - AlgorithmIdentifier encAlgId; - AlgorithmIdentifier digAlgId; + // + // SM2 + // + noParams.Add((object)GMObjectIdentifiers.sm2sign_with_sm3); - string algorithmName = Strings.ToUpperCase(signatureAlgorithm); - DerObjectIdentifier sigOID = (DerObjectIdentifier)algorithms[algorithmName]; - if (sigOID == null) - { - throw new ArgumentException("Unknown signature type requested: " + algorithmName); - } + // + // PKCS 1.5 encrypted algorithms + // + pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha1WithRsaEncryption); + pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha224WithRsaEncryption); + pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha256WithRsaEncryption); + pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha384WithRsaEncryption); + pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha512WithRsaEncryption); + pkcs15RsaEncryption.Add((object)TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); + pkcs15RsaEncryption.Add((object)TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); + pkcs15RsaEncryption.Add((object)TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); + pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224); + pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256); + pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384); + pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512); - if (noParams.Contains(sigOID)) - { - sigAlgId = new AlgorithmIdentifier(sigOID); - } - else if (_params.Contains(algorithmName)) - { - sigAlgId = new AlgorithmIdentifier(sigOID, (Asn1Encodable)_params[algorithmName]); - } - else - { - sigAlgId = new AlgorithmIdentifier(sigOID, DerNull.Instance); - } + // + // explicit params + // + AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance); + _params["SHA1WITHRSAANDMGF1"] = CreatePssParams(sha1AlgId, 20); - if (pkcs15RsaEncryption.Contains(sigOID)) - { - encAlgId = new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance); - } - else - { - encAlgId = sigAlgId; - } + AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance); + _params["SHA224WITHRSAANDMGF1"] = CreatePssParams(sha224AlgId, 28); - if (sigAlgId.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss)) - { - digAlgId = ((RsassaPssParameters)sigAlgId.Parameters).HashAlgorithm; - } - else - { - digAlgId = new AlgorithmIdentifier((DerObjectIdentifier)digestOids[sigOID], DerNull.Instance); - } + AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance); + _params["SHA256WITHRSAANDMGF1"] = CreatePssParams(sha256AlgId, 32); - return sigAlgId; + AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance); + _params["SHA384WITHRSAANDMGF1"] = CreatePssParams(sha384AlgId, 48); + + AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance); + _params["SHA512WITHRSAANDMGF1"] = CreatePssParams(sha512AlgId, 64); + + AlgorithmIdentifier sha3_224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_224, DerNull.Instance); + _params["SHA3-224WITHRSAANDMGF1"] = CreatePssParams(sha3_224AlgId, 28); + + AlgorithmIdentifier sha3_256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_256, DerNull.Instance); + _params["SHA3-256WITHRSAANDMGF1"] = CreatePssParams(sha3_256AlgId, 32); + + AlgorithmIdentifier sha3_384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_384, DerNull.Instance); + _params["SHA3-384WITHRSAANDMGF1"] = CreatePssParams(sha3_384AlgId, 48); + + AlgorithmIdentifier sha3_512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_512, DerNull.Instance); + _params["SHA3-512WITHRSAANDMGF1"] = CreatePssParams(sha3_512AlgId, 64); + + // + // digests + // + digestOids[PkcsObjectIdentifiers.Sha224WithRsaEncryption] = NistObjectIdentifiers.IdSha224; + digestOids[PkcsObjectIdentifiers.Sha256WithRsaEncryption] = NistObjectIdentifiers.IdSha256; + digestOids[PkcsObjectIdentifiers.Sha384WithRsaEncryption] = NistObjectIdentifiers.IdSha384; + digestOids[PkcsObjectIdentifiers.Sha512WithRsaEncryption] = NistObjectIdentifiers.IdSha512; + digestOids[NistObjectIdentifiers.DsaWithSha224] = NistObjectIdentifiers.IdSha224; + digestOids[NistObjectIdentifiers.DsaWithSha224] = NistObjectIdentifiers.IdSha256; + digestOids[NistObjectIdentifiers.DsaWithSha224] = NistObjectIdentifiers.IdSha384; + digestOids[NistObjectIdentifiers.DsaWithSha224] = NistObjectIdentifiers.IdSha512; + digestOids[NistObjectIdentifiers.IdDsaWithSha3_224] = NistObjectIdentifiers.IdSha3_224; + digestOids[NistObjectIdentifiers.IdDsaWithSha3_256] = NistObjectIdentifiers.IdSha3_256; + digestOids[NistObjectIdentifiers.IdDsaWithSha3_384] = NistObjectIdentifiers.IdSha3_384; + digestOids[NistObjectIdentifiers.IdDsaWithSha3_512] = NistObjectIdentifiers.IdSha3_512; + digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_224] = NistObjectIdentifiers.IdSha3_224; + digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_256] = NistObjectIdentifiers.IdSha3_256; + digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_384] = NistObjectIdentifiers.IdSha3_384; + digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_512] = NistObjectIdentifiers.IdSha3_512; + digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224] = NistObjectIdentifiers.IdSha3_224; + digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256] = NistObjectIdentifiers.IdSha3_256; + digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384] = NistObjectIdentifiers.IdSha3_384; + digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512] = NistObjectIdentifiers.IdSha3_512; + + digestOids[PkcsObjectIdentifiers.MD2WithRsaEncryption] = PkcsObjectIdentifiers.MD2; + digestOids[PkcsObjectIdentifiers.MD4WithRsaEncryption] = PkcsObjectIdentifiers.MD4; + digestOids[PkcsObjectIdentifiers.MD5WithRsaEncryption] = PkcsObjectIdentifiers.MD5; + digestOids[PkcsObjectIdentifiers.Sha1WithRsaEncryption] = OiwObjectIdentifiers.IdSha1; + digestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128] = TeleTrusTObjectIdentifiers.RipeMD128; + digestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160] = TeleTrusTObjectIdentifiers.RipeMD160; + digestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256] = TeleTrusTObjectIdentifiers.RipeMD256; + digestOids[CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94] = CryptoProObjectIdentifiers.GostR3411; + digestOids[CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001] = CryptoProObjectIdentifiers.GostR3411; + digestOids[RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256] = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256; + digestOids[RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512] = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512; + digestOids[GMObjectIdentifiers.sm2sign_with_sm3] = GMObjectIdentifiers.sm3; + + } + + private static AlgorithmIdentifier Generate(string signatureAlgorithm) + { + AlgorithmIdentifier sigAlgId; + AlgorithmIdentifier encAlgId; + AlgorithmIdentifier digAlgId; + + string algorithmName = Strings.ToUpperCase(signatureAlgorithm); + DerObjectIdentifier sigOID = (DerObjectIdentifier)algorithms[algorithmName]; + if (sigOID == null) + { + throw new ArgumentException("Unknown signature type requested: " + algorithmName); } - private static RsassaPssParameters CreatePssParams(AlgorithmIdentifier hashAlgId, int saltSize) + if (noParams.Contains(sigOID)) + { + sigAlgId = new AlgorithmIdentifier(sigOID); + } + else if (_params.Contains(algorithmName)) { - return new RsassaPssParameters( - hashAlgId, - new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, hashAlgId), - new DerInteger(saltSize), - new DerInteger(1)); + sigAlgId = new AlgorithmIdentifier(sigOID, (Asn1Encodable)_params[algorithmName]); + } + else + { + sigAlgId = new AlgorithmIdentifier(sigOID, DerNull.Instance); } - public AlgorithmIdentifier Find(string sigAlgName) + if (pkcs15RsaEncryption.Contains(sigOID)) { - - return Generate(sigAlgName); + encAlgId = new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance); + } + else + { + encAlgId = sigAlgId; } - } - + if (sigAlgId.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss)) + { + digAlgId = ((RsassaPssParameters)sigAlgId.Parameters).HashAlgorithm; + } + else + { + digAlgId = new AlgorithmIdentifier((DerObjectIdentifier)digestOids[sigOID], DerNull.Instance); + } + return sigAlgId; + } + private static RsassaPssParameters CreatePssParams(AlgorithmIdentifier hashAlgId, int saltSize) + { + return new RsassaPssParameters( + hashAlgId, + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, hashAlgId), + new DerInteger(saltSize), + new DerInteger(1)); + } + public AlgorithmIdentifier Find(string sigAlgName) + { + return Generate(sigAlgName); + } + } public class DefaultDigestAlgorithmIdentifierFinder { @@ -449,7 +440,7 @@ namespace Org.BouncyCastle.Cms return digAlgId; } - public AlgorithmIdentifier find(String digAlgName) + public AlgorithmIdentifier find(string digAlgName) { return new AlgorithmIdentifier((DerObjectIdentifier)digestNameToOids[digAlgName], DerNull.Instance); } @@ -583,7 +574,7 @@ namespace Org.BouncyCastle.Cms * Return a map of oids and byte arrays representing the digests calculated on the content during * the last generate. * - * @return a map of oids (as String objects) and byte[] representing digests. + * @return a map of oids (as string objects) and byte[] representing digests. */ public IDictionary GetGeneratedDigests() { diff --git a/crypto/src/cms/CMSSignedHelper.cs b/crypto/src/cms/CMSSignedHelper.cs index 5b6c93b6a..3fb3cee26 100644 --- a/crypto/src/cms/CMSSignedHelper.cs +++ b/crypto/src/cms/CMSSignedHelper.cs @@ -161,7 +161,7 @@ namespace Org.BouncyCastle.Cms { string[] aliases = (string[]) digestAliases[algName]; - return aliases == null ? new String[0] : (string[]) aliases.Clone(); + return aliases == null ? new string[0] : (string[]) aliases.Clone(); } /** diff --git a/crypto/src/cms/EnvelopedDataHelper.cs b/crypto/src/cms/EnvelopedDataHelper.cs index fe5bc2a97..6d1c7bb3a 100644 --- a/crypto/src/cms/EnvelopedDataHelper.cs +++ b/crypto/src/cms/EnvelopedDataHelper.cs @@ -1,4 +1,6 @@ -using System.Collections; +using System; +using System.Collections; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Asn1.Oiw; @@ -12,7 +14,6 @@ using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Crypto.Utilities; using Org.BouncyCastle.Security; using Org.BouncyCastle.Utilities; -using Org.BouncyCastle.Crypto.Utilites; namespace Org.BouncyCastle.Cms { @@ -20,20 +21,15 @@ namespace Org.BouncyCastle.Cms { private static readonly IDictionary BaseCipherNames = Platform.CreateHashtable(); private static readonly IDictionary MacAlgNames = Platform.CreateHashtable(); - - private static readonly IDictionary prfs = Platform.CreateHashtable(); - - - public delegate IDigest DigestCreator(); + //private static readonly IDictionary PrfDigests = Platform.CreateHashtable(); static EnvelopedDataHelper() { - prfs.Add(PkcsObjectIdentifiers.IdHmacWithSha1, new DigestProvider(delegate () { return new Sha1Digest(); })); - prfs.Add(PkcsObjectIdentifiers.IdHmacWithSha224, new DigestProvider(delegate () { return new Sha224Digest(); })); - prfs.Add(PkcsObjectIdentifiers.IdHmacWithSha256, new DigestProvider(delegate () { return new Sha256Digest(); })); - prfs.Add(PkcsObjectIdentifiers.IdHmacWithSha384, new DigestProvider(delegate () { return new Sha384Digest(); })); - prfs.Add(PkcsObjectIdentifiers.IdHmacWithSha512, new DigestProvider(delegate () { return new Sha512Digest(); })); - + //PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha1, "SHA-1"); + //PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha224, "SHA-224"); + //PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha256, "SHA-256"); + //PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha384, "SHA-384"); + //PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha512, "SHA-512"); BaseCipherNames.Add(PkcsObjectIdentifiers.DesEde3Cbc, "DESEDE"); BaseCipherNames.Add(NistObjectIdentifiers.IdAes128Cbc, "AES"); @@ -47,77 +43,53 @@ namespace Org.BouncyCastle.Cms MacAlgNames.Add(PkcsObjectIdentifiers.RC2Cbc, "RC2Mac"); } - static IDigest GetPrf(AlgorithmIdentifier algID) - { - return ((DigestCreator)prfs[algID]).Invoke(); - } - - - static IWrapper CreateRFC3211Wrapper(DerObjectIdentifier algorithm) - - { - if (NistObjectIdentifiers.IdAes128Cbc.Equals(algorithm) - || NistObjectIdentifiers.IdAes192Cbc.Equals(algorithm) - || NistObjectIdentifiers.IdAes256Cbc.Equals(algorithm)) - { - return new Rfc3211WrapEngine(new AesEngine()); - } - else if (PkcsObjectIdentifiers.DesEde3Cbc.Equals(algorithm)) - { - return new Rfc3211WrapEngine(new DesEdeEngine()); - } - else if (OiwObjectIdentifiers.DesCbc.Equals(algorithm)) - { - return new Rfc3211WrapEngine(new DesEngine()); - } - else if (PkcsObjectIdentifiers.RC2Cbc.Equals(algorithm)) - { - return new Rfc3211WrapEngine(new RC2Engine()); - } - else - { - throw new CmsException("cannot recognise wrapper: " + algorithm); - } - } - - - - public static object CreateContentCipher(bool forEncryption, ICipherParameters encKey, - AlgorithmIdentifier encryptionAlgID) - + //internal static IDigest GetPrf(AlgorithmIdentifier algID) + //{ + // string digestName = (string)PrfDigests[algID]; + + // return DigestUtilities.GetDigest(digestName); + //} + + //internal static IWrapper CreateRfc3211Wrapper(DerObjectIdentifier algorithm) + //{ + // if (NistObjectIdentifiers.IdAes128Cbc.Equals(algorithm) + // || NistObjectIdentifiers.IdAes192Cbc.Equals(algorithm) + // || NistObjectIdentifiers.IdAes256Cbc.Equals(algorithm)) + // { + // return new Rfc3211WrapEngine(new AesEngine()); + // } + // else if (PkcsObjectIdentifiers.DesEde3Cbc.Equals(algorithm)) + // { + // return new Rfc3211WrapEngine(new DesEdeEngine()); + // } + // else if (OiwObjectIdentifiers.DesCbc.Equals(algorithm)) + // { + // return new Rfc3211WrapEngine(new DesEngine()); + // } + // else if (PkcsObjectIdentifiers.RC2Cbc.Equals(algorithm)) + // { + // return new Rfc3211WrapEngine(new RC2Engine()); + // } + // else + // { + // throw new CmsException("cannot recognise wrapper: " + algorithm); + // } + //} + + public static object CreateContentCipher(bool forEncryption, ICipherParameters encKey, + AlgorithmIdentifier encryptionAlgID) { return CipherFactory.CreateContentCipher(forEncryption, encKey, encryptionAlgID); } - public AlgorithmIdentifier GenerateEncryptionAlgID(DerObjectIdentifier encryptionOID, KeyParameter encKey, SecureRandom random) { return AlgorithmIdentifierFactory.GenerateEncryptionAlgID(encryptionOID, encKey.GetKey().Length * 8, random); } - public CipherKeyGenerator CreateKeyGenerator(DerObjectIdentifier algorithm, SecureRandom random) - + public CipherKeyGenerator CreateKeyGenerator(DerObjectIdentifier algorithm, SecureRandom random) { return CipherKeyGeneratorFactory.CreateKeyGenerator(algorithm, random); } - - - } - - // This exists because we can't directly put a delegate in a map as it is - // not an object. - internal class DigestProvider - { - private readonly EnvelopedDataHelper.DigestCreator creator; - - public DigestProvider(EnvelopedDataHelper.DigestCreator creator) - { - this.creator = creator; - } - - public IDigest Create() - { - return creator.Invoke(); - } } } diff --git a/crypto/src/crmf/AuthenticatorControl.cs b/crypto/src/crmf/AuthenticatorControl.cs index 976135ed8..fc546ede5 100644 --- a/crypto/src/crmf/AuthenticatorControl.cs +++ b/crypto/src/crmf/AuthenticatorControl.cs @@ -1,4 +1,5 @@ using System; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Crmf; @@ -7,9 +8,9 @@ namespace Org.BouncyCastle.Crmf /// <summary> /// Carrier for an authenticator control. /// </summary> - public class AuthenticatorControl:IControl + public class AuthenticatorControl + : IControl { - private static readonly DerObjectIdentifier type = CrmfObjectIdentifiers.id_regCtrl_authenticator; private readonly DerUtf8String token; @@ -27,7 +28,7 @@ namespace Org.BouncyCastle.Crmf /// Basic constructor - build from a string representing the token. /// </summary> /// <param name="token">string representing the token.</param> - public AuthenticatorControl(String token) + public AuthenticatorControl(string token) { this.token = new DerUtf8String(token); } @@ -43,7 +44,8 @@ namespace Org.BouncyCastle.Crmf /// <summary> /// Return the token associated with this control (a UTF8String). /// </summary> - public Asn1Encodable Value { + public Asn1Encodable Value + { get { return token; } } } diff --git a/crypto/src/crmf/CertificateRequestMessage.cs b/crypto/src/crmf/CertificateRequestMessage.cs index 5b5d37c9e..c733eecbb 100644 --- a/crypto/src/crmf/CertificateRequestMessage.cs +++ b/crypto/src/crmf/CertificateRequestMessage.cs @@ -1,4 +1,5 @@ using System; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Crmf; using Org.BouncyCastle.Crypto; @@ -16,18 +17,18 @@ namespace Org.BouncyCastle.Crmf private readonly CertReqMsg certReqMsg; private readonly Controls controls; - private static CertReqMsg ParseBytes(byte[] encoding) - { - return CertReqMsg.GetInstance(encoding); + private static CertReqMsg ParseBytes(byte[] encoding) + { + return CertReqMsg.GetInstance(encoding); } /// <summary> /// Create a CertificateRequestMessage from the passed in bytes. /// </summary> /// <param name="encoded">BER/DER encoding of the CertReqMsg structure.</param> - public CertificateRequestMessage(byte[] encoded):this(CertReqMsg.GetInstance(encoded)) + public CertificateRequestMessage(byte[] encoded) + : this(CertReqMsg.GetInstance(encoded)) { - } public CertificateRequestMessage(CertReqMsg certReqMsg) @@ -42,7 +43,7 @@ namespace Org.BouncyCastle.Crmf /// <returns>A CertReqMsg</returns> public CertReqMsg ToAsn1Structure() { - return certReqMsg; + return certReqMsg; } /// <summary> @@ -70,7 +71,7 @@ namespace Org.BouncyCastle.Crmf /// <returns>true if a control value of type is present, false otherwise.</returns> public bool HasControl(DerObjectIdentifier objectIdentifier) { - return findControl(objectIdentifier) != null; + return FindControl(objectIdentifier) != null; } /// <summary> @@ -80,7 +81,7 @@ namespace Org.BouncyCastle.Crmf /// <returns>the control value if present, null otherwise.</returns> public IControl GetControl(DerObjectIdentifier type) { - AttributeTypeAndValue found = findControl(type); + AttributeTypeAndValue found = FindControl(type); if (found != null) { if (found.Type.Equals(CrmfObjectIdentifiers.id_regCtrl_pkiArchiveOptions)) @@ -97,14 +98,11 @@ namespace Org.BouncyCastle.Crmf { return new AuthenticatorControl(DerUtf8String.GetInstance(found.Value)); } - } + } return null; } - - - - public AttributeTypeAndValue findControl(DerObjectIdentifier type) + public AttributeTypeAndValue FindControl(DerObjectIdentifier type) { if (controls == null) { @@ -163,9 +161,9 @@ namespace Org.BouncyCastle.Crmf } return false; - } } + /// <summary> /// Return whether or not a signing key proof-of-possession (POP) is valid. /// </summary> @@ -189,8 +187,6 @@ namespace Org.BouncyCastle.Crmf throw new InvalidOperationException("not Signing Key type of proof of possession"); } - - private bool verifySignature(IVerifierFactoryProvider verifierFactoryProvider, PopoSigningKey signKey) { IVerifierFactory verifer; @@ -202,22 +198,22 @@ namespace Org.BouncyCastle.Crmf } catch (Exception ex) { - throw new CrmfException("unable to create verifier: "+ex.Message, ex); + throw new CrmfException("unable to create verifier: " + ex.Message, ex); } if (signKey.PoposkInput != null) { byte[] b = signKey.GetDerEncoded(); - calculator.Stream.Write(b,0,b.Length); + calculator.Stream.Write(b, 0, b.Length); } else - { + { byte[] b = certReqMsg.CertReq.GetDerEncoded(); - calculator.Stream.Write(b,0,b.Length); + calculator.Stream.Write(b, 0, b.Length); } - DefaultVerifierResult result = (DefaultVerifierResult) calculator.GetResult(); - + DefaultVerifierResult result = (DefaultVerifierResult)calculator.GetResult(); + return result.IsVerified(signKey.Signature.GetBytes()); } diff --git a/crypto/src/crmf/CertificateRequestMessageBuilder.cs b/crypto/src/crmf/CertificateRequestMessageBuilder.cs index 9c3cf954d..88d1d87bd 100644 --- a/crypto/src/crmf/CertificateRequestMessageBuilder.cs +++ b/crypto/src/crmf/CertificateRequestMessageBuilder.cs @@ -1,14 +1,13 @@ using System; using System.Collections; -using System.Collections.Generic; -using System.Security.Cryptography.X509Certificates; -using System.Text; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Crmf; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Crmf { @@ -17,7 +16,7 @@ namespace Org.BouncyCastle.Crmf private readonly BigInteger _certReqId; private X509ExtensionsGenerator _extGenerator; private CertTemplateBuilder _templateBuilder; - private ArrayList _controls= new ArrayList(); + private IList _controls = Platform.CreateArrayList(); private ISignatureFactory _popSigner; private PKMacBuilder _pkMacBuilder; private char[] _password; @@ -44,7 +43,6 @@ namespace Org.BouncyCastle.Crmf return this; } - public CertificateRequestMessageBuilder SetIssuer(X509Name issuer) { if (issuer != null) @@ -78,13 +76,13 @@ namespace Org.BouncyCastle.Crmf public CertificateRequestMessageBuilder SetValidity(Time notBefore, Time notAfter) { _templateBuilder.SetValidity(new OptionalValidity(notBefore, notAfter)); - return this; + return this; } public CertificateRequestMessageBuilder AddExtension(DerObjectIdentifier oid, bool critical, Asn1Encodable value) { - _extGenerator.AddExtension(oid,critical, value); + _extGenerator.AddExtension(oid, critical, value); return this; } @@ -109,7 +107,7 @@ namespace Org.BouncyCastle.Crmf } this._popSigner = popoSignatureFactory; - + return this; } @@ -123,7 +121,6 @@ namespace Org.BouncyCastle.Crmf this._popoType = ProofOfPossession.TYPE_KEY_ENCIPHERMENT; this._popoPrivKey = new PopoPrivKey(msg); - return this; } @@ -142,7 +139,7 @@ namespace Org.BouncyCastle.Crmf this._popoType = type; this._popoPrivKey = new PopoPrivKey(msg); - return this; + return this; } public CertificateRequestMessageBuilder SetProofOfPossessionAgreeMac(PKMacValue macValue) @@ -152,7 +149,7 @@ namespace Org.BouncyCastle.Crmf throw new InvalidOperationException("only one proof of possession allowed"); } - this._agreeMac = macValue; + this._agreeMac = macValue; return this; } @@ -189,35 +186,31 @@ namespace Org.BouncyCastle.Crmf public CertificateRequestMessage Build() { - Asn1EncodableVector v = new Asn1EncodableVector(); - - v.Add(new DerInteger(this._certReqId)); + Asn1EncodableVector v = new Asn1EncodableVector(new DerInteger(this._certReqId)); if (!this._extGenerator.IsEmpty) { - this._templateBuilder.SetExtensions(_extGenerator.Generate()); + this._templateBuilder.SetExtensions(_extGenerator.Generate()); } v.Add(_templateBuilder.Build()); - if (_controls.Count>0) + if (_controls.Count > 0) { Asn1EncodableVector controlV = new Asn1EncodableVector(); - foreach (Object item in _controls) + foreach (object item in _controls) { - IControl control = (IControl) item; + IControl control = (IControl)item; controlV.Add(new AttributeTypeAndValue(control.Type, control.Value)); } - + v.Add(new DerSequence(controlV)); } CertRequest request = CertRequest.GetInstance(new DerSequence(v)); - v = new Asn1EncodableVector(); - - v.Add(request); + v = new Asn1EncodableVector(request); if (_popSigner != null) { @@ -226,27 +219,27 @@ namespace Org.BouncyCastle.Crmf if (template.Subject == null || template.PublicKey == null) { SubjectPublicKeyInfo pubKeyInfo = request.CertTemplate.PublicKey; - + ProofOfPossessionSigningKeyBuilder builder = new ProofOfPossessionSigningKeyBuilder(pubKeyInfo); if (_sender != null) { - builder.setSender(_sender); + builder.SetSender(_sender); } else { - // PkMa pkmacGenerator = new PKMACValueGenerator(_pkmacBuilder); + //PKMACValueGenerator pkmacGenerator = new PKMACValueGenerator(_pkmacBuilder); - builder.setPublicKeyMac(_pkMacBuilder, _password); + builder.SetPublicKeyMac(_pkMacBuilder, _password); } - v.Add(new ProofOfPossession(builder.build(_popSigner))); + v.Add(new ProofOfPossession(builder.Build(_popSigner))); } else { ProofOfPossessionSigningKeyBuilder builder = new ProofOfPossessionSigningKeyBuilder(request); - v.Add(new ProofOfPossession(builder.build(_popSigner))); + v.Add(new ProofOfPossession(builder.Build(_popSigner))); } } else if (_popoPrivKey != null) @@ -256,7 +249,7 @@ namespace Org.BouncyCastle.Crmf else if (_agreeMac != null) { v.Add(new ProofOfPossession(ProofOfPossession.TYPE_KEY_AGREEMENT, - PopoPrivKey.GetInstance(new DerTaggedObject(false, PopoPrivKey.agreeMAC, _agreeMac),true ))); + PopoPrivKey.GetInstance(new DerTaggedObject(false, PopoPrivKey.agreeMAC, _agreeMac), true))); } else if (_popRaVerified != null) diff --git a/crypto/src/crmf/CrmfException.cs b/crypto/src/crmf/CrmfException.cs index c80f480b7..5ae13a0eb 100644 --- a/crypto/src/crmf/CrmfException.cs +++ b/crypto/src/crmf/CrmfException.cs @@ -1,25 +1,21 @@ using System; -using System.Collections.Generic; -using System.Runtime.Serialization; -using System.Text; namespace Org.BouncyCastle.Crmf { - public class CrmfException : Exception + public class CrmfException + : Exception { public CrmfException() { } - public CrmfException(string message) : base(message) + public CrmfException(string message) + : base(message) { } - public CrmfException(string message, Exception innerException) : base(message, innerException) - { - } - - protected CrmfException(SerializationInfo info, StreamingContext context) : base(info, context) + public CrmfException(string message, Exception innerException) + : base(message, innerException) { } } diff --git a/crypto/src/crmf/DefaultPKMacPrimitivesProvider.cs b/crypto/src/crmf/DefaultPKMacPrimitivesProvider.cs index 1757d6a92..01e196ef4 100644 --- a/crypto/src/crmf/DefaultPKMacPrimitivesProvider.cs +++ b/crypto/src/crmf/DefaultPKMacPrimitivesProvider.cs @@ -1,14 +1,13 @@ using System; -using System.Collections.Generic; -using System.Text; + using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Security; -using Org.BouncyCastle.Crypto.Parameters; namespace Org.BouncyCastle.Crmf { - public class DefaultPKMacPrimitivesProvider : IPKMacPrimitivesProvider + public class DefaultPKMacPrimitivesProvider + : IPKMacPrimitivesProvider { public IDigest CreateDigest(AlgorithmIdentifier digestAlg) { diff --git a/crypto/src/crmf/EncryptedValueBuilder.cs b/crypto/src/crmf/EncryptedValueBuilder.cs index b8076c0e9..8f220330e 100644 --- a/crypto/src/crmf/EncryptedValueBuilder.cs +++ b/crypto/src/crmf/EncryptedValueBuilder.cs @@ -1,28 +1,28 @@ using System; using System.Collections; -using System.Collections.Generic; +using System.IO; using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Crmf; using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Engines; using Org.BouncyCastle.Crypto.Parameters; -using Org.BouncyCastle.Utilities; -using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Asn1; -using Org.BouncyCastle.Asn1.Crmf; -using System.IO; using Org.BouncyCastle.Pkcs; -using Org.BouncyCastle.Asn1.Pkcs; -using Org.BouncyCastle.X509; +using Org.BouncyCastle.Utilities; using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.X509; namespace Org.BouncyCastle.Crmf { public class EncryptedValueBuilder { - private IKeyWrapper wrapper; - private ICipherBuilderWithKey encryptor; - private EncryptedValuePadder padder; + private readonly IKeyWrapper wrapper; + private readonly ICipherBuilderWithKey encryptor; + private readonly IEncryptedValuePadder padder; /// /// Create a builder that makes EncryptedValue structures. @@ -30,7 +30,8 @@ namespace Org.BouncyCastle.Crmf /// <param name="wrapper">wrapper a wrapper for key used to encrypt the actual data contained in the EncryptedValue.</param> /// <param name="encryptor">encryptor an output encryptor to encrypt the actual data contained in the EncryptedValue. </param> /// - public EncryptedValueBuilder(IKeyWrapper wrapper, ICipherBuilderWithKey encryptor) : this(wrapper, encryptor, null) + public EncryptedValueBuilder(IKeyWrapper wrapper, ICipherBuilderWithKey encryptor) + : this(wrapper, encryptor, null) { } @@ -41,7 +42,7 @@ namespace Org.BouncyCastle.Crmf /// <param name="encryptor">encryptor an output encryptor to encrypt the actual data contained in the EncryptedValue.</param> /// <param name="padder">padder a padder to ensure that the EncryptedValue created will always be a constant length.</param> /// - public EncryptedValueBuilder(IKeyWrapper wrapper, ICipherBuilderWithKey encryptor, EncryptedValuePadder padder) + public EncryptedValueBuilder(IKeyWrapper wrapper, ICipherBuilderWithKey encryptor, IEncryptedValuePadder padder) { this.wrapper = wrapper; this.encryptor = encryptor; @@ -56,7 +57,7 @@ namespace Org.BouncyCastle.Crmf /// public EncryptedValue Build(char[] revocationPassphrase) { - return encryptData(padData(Strings.ToUtf8ByteArray(revocationPassphrase))); + return EncryptData(PadData(Strings.ToUtf8ByteArray(revocationPassphrase))); } ///<summary> @@ -71,7 +72,7 @@ namespace Org.BouncyCastle.Crmf { try { - return encryptData(padData(holder.GetEncoded())); + return EncryptData(PadData(holder.GetEncoded())); } catch (IOException e) { @@ -110,19 +111,16 @@ namespace Org.BouncyCastle.Crmf { throw new CrmfException("cannot wrap key: " + e.Message, e); } - } - private EncryptedValue encryptData(byte[] data) + private EncryptedValue EncryptData(byte[] data) { MemoryOutputStream bOut = new MemoryOutputStream(); - Stream eOut = encryptor.BuildCipher(bOut).Stream; try { eOut.Write(data, 0, data.Length); - eOut.Close(); } catch (IOException e) @@ -132,8 +130,8 @@ namespace Org.BouncyCastle.Crmf AlgorithmIdentifier intendedAlg = null; AlgorithmIdentifier symmAlg = (AlgorithmIdentifier)encryptor.AlgorithmDetails; - DerBitString encSymmKey; + DerBitString encSymmKey; try { encSymmKey = new DerBitString(wrapper.Wrap(((KeyParameter)encryptor.Key).GetKey()).Collect()); @@ -150,7 +148,7 @@ namespace Org.BouncyCastle.Crmf return new EncryptedValue(intendedAlg, symmAlg, encSymmKey, keyAlg, valueHint, encValue); } - private byte[] padData(byte[] data) + private byte[] PadData(byte[] data) { if (padder != null) { diff --git a/crypto/src/crmf/IControl.cs b/crypto/src/crmf/IControl.cs index 14fcc2cd3..9a29ac12a 100644 --- a/crypto/src/crmf/IControl.cs +++ b/crypto/src/crmf/IControl.cs @@ -1,8 +1,6 @@ using System; using Org.BouncyCastle.Asn1; -using Org.BouncyCastle.Asn1.Crmf; -using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Crmf { diff --git a/crypto/src/crmf/IEncryptedValuePadder.cs b/crypto/src/crmf/IEncryptedValuePadder.cs index b12993e1f..b8986144e 100644 --- a/crypto/src/crmf/IEncryptedValuePadder.cs +++ b/crypto/src/crmf/IEncryptedValuePadder.cs @@ -1,15 +1,12 @@ using System; -using System.Collections.Generic; -using System.Text; namespace Org.BouncyCastle.Crmf { - /// <summary> /// An encrypted value padder is used to make sure that prior to a value been /// encrypted the data is padded to a standard length. /// </summary> - public interface EncryptedValuePadder + public interface IEncryptedValuePadder { /// /// <summary>Return a byte array of padded data.</summary> diff --git a/crypto/src/crmf/IPKMacPrimitivesProvider.cs b/crypto/src/crmf/IPKMacPrimitivesProvider.cs index 8b90be515..08f6a624a 100644 --- a/crypto/src/crmf/IPKMacPrimitivesProvider.cs +++ b/crypto/src/crmf/IPKMacPrimitivesProvider.cs @@ -1,20 +1,6 @@ using System; -using System.Collections.Generic; -using System.IO; -using System.Text; -using Org.BouncyCastle.Asn1; -using Org.BouncyCastle.Asn1.Cmp; -using Org.BouncyCastle.Asn1.Iana; -using Org.BouncyCastle.Asn1.Nist; -using Org.BouncyCastle.Asn1.Oiw; -using Org.BouncyCastle.Asn1.Pkcs; + using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Cms; -using Org.BouncyCastle.Crypto.IO; -using Org.BouncyCastle.Crypto.Parameters; -using Org.BouncyCastle.Security; -using Org.BouncyCastle.Utilities; -using Org.BouncyCastle.Utilities.Encoders; using Org.BouncyCastle.Crypto; namespace Org.BouncyCastle.Crmf diff --git a/crypto/src/crmf/PKMacBuilder.cs b/crypto/src/crmf/PKMacBuilder.cs index 00bec9f8b..6741177da 100644 --- a/crypto/src/crmf/PKMacBuilder.cs +++ b/crypto/src/crmf/PKMacBuilder.cs @@ -1,30 +1,24 @@ using System; -using System.Collections.Generic; using System.IO; -using System.Text; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cmp; using Org.BouncyCastle.Asn1.Iana; -using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Asn1.Oiw; -using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Cms; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.IO; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Security; using Org.BouncyCastle.Utilities; -using Org.BouncyCastle.Utilities.Encoders; - namespace Org.BouncyCastle.Crmf { - - class PKMacStreamCalculator : IStreamCalculator + internal class PKMacStreamCalculator + : IStreamCalculator { private readonly MacSink _stream; - + public PKMacStreamCalculator(IMac mac) { _stream = new MacSink(mac); @@ -41,17 +35,16 @@ namespace Org.BouncyCastle.Crmf } } - class PKMacFactory : IMacFactory + internal class PKMacFactory + : IMacFactory { protected readonly PbmParameter parameters; - private byte[] key; - - + private readonly byte[] key; + public PKMacFactory(byte[] key, PbmParameter parameters) { this.key = Arrays.Clone(key); - - this.parameters = parameters; + this.parameters = parameters; } public virtual object AlgorithmDetails @@ -62,14 +55,13 @@ namespace Org.BouncyCastle.Crmf public virtual IStreamCalculator CreateCalculator() { IMac mac = MacUtilities.GetMac(parameters.Mac.Algorithm); - mac.Init(new KeyParameter(key)); - return new PKMacStreamCalculator(mac); } } - class DefaultPKMacResult: IBlockResult + internal class DefaultPKMacResult + : IBlockResult { private readonly IMac mac; @@ -81,9 +73,7 @@ namespace Org.BouncyCastle.Crmf public byte[] Collect() { byte[] res = new byte[mac.GetMacSize()]; - mac.DoFinal(res, 0); - return res; } @@ -121,7 +111,7 @@ namespace Org.BouncyCastle.Crmf /// <param name="provider"></param> public PKMacBuilder(IPKMacPrimitivesProvider provider) : this(new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1), 1000, new AlgorithmIdentifier(IanaObjectIdentifiers.HmacSha1, DerNull.Instance), provider) - { + { } /// <summary> @@ -146,7 +136,6 @@ namespace Org.BouncyCastle.Crmf this.maxIterations = maxIterations; } - private PKMacBuilder(AlgorithmIdentifier digestAlgorithmIdentifier, int iterationCount, AlgorithmIdentifier macAlgorithmIdentifier, IPKMacPrimitivesProvider provider) { this.iterationCount = iterationCount; @@ -164,9 +153,7 @@ namespace Org.BouncyCastle.Crmf public PKMacBuilder SetSaltLength(int saltLength) { if (saltLength < 8) - { throw new ArgumentException("salt length must be at least 8 bytes"); - } this.saltLength = saltLength; @@ -182,10 +169,9 @@ namespace Org.BouncyCastle.Crmf public PKMacBuilder SetIterationCount(int iterationCount) { if (iterationCount < 100) - { throw new ArgumentException("iteration count must be at least 100"); - } - checkIterationCountCeiling(iterationCount); + + CheckIterationCountCeiling(iterationCount); this.iterationCount = iterationCount; @@ -199,7 +185,7 @@ namespace Org.BouncyCastle.Crmf /// <returns>this</returns> public PKMacBuilder SetParameters(PbmParameter parameters) { - checkIterationCountCeiling(parameters.IterationCount.Value.IntValue); + CheckIterationCountCeiling(parameters.IterationCount.Value.IntValue); this.parameters = parameters; @@ -215,7 +201,7 @@ namespace Org.BouncyCastle.Crmf { this.random = random; - return this; + return this; } /// <summary> @@ -226,33 +212,27 @@ namespace Org.BouncyCastle.Crmf public IMacFactory Build(char[] password) { if (parameters != null) + return GenCalculator(parameters, password); + + byte[] salt = new byte[saltLength]; + + if (random == null) { - return genCalculator(parameters, password); + this.random = new SecureRandom(); } - else - { - byte[] salt = new byte[saltLength]; - - if (random == null) - { - this.random = new SecureRandom(); - } - random.NextBytes(salt); + random.NextBytes(salt); - return genCalculator(new PbmParameter(salt, owf, iterationCount, mac), password); - } + return GenCalculator(new PbmParameter(salt, owf, iterationCount, mac), password); } - private void checkIterationCountCeiling(int iterationCount) + private void CheckIterationCountCeiling(int iterationCount) { if (maxIterations > 0 && iterationCount > maxIterations) - { throw new ArgumentException("iteration count exceeds limit (" + iterationCount + " > " + maxIterations + ")"); - } } - private IMacFactory genCalculator(PbmParameter parameters, char[] password) + private IMacFactory GenCalculator(PbmParameter parameters, char[] password) { // From RFC 4211 // @@ -273,8 +253,8 @@ namespace Org.BouncyCastle.Crmf byte[] salt = parameters.Salt.GetOctets(); byte[] K = new byte[pw.Length + salt.Length]; - System.Array.Copy(pw, 0, K, 0, pw.Length); - System.Array.Copy(salt, 0, K, pw.Length, salt.Length); + Array.Copy(pw, 0, K, 0, pw.Length); + Array.Copy(salt, 0, K, pw.Length, salt.Length); IDigest digest = provider.CreateDigest(parameters.Owf); diff --git a/crypto/src/crmf/PkiArchiveControl.cs b/crypto/src/crmf/PkiArchiveControl.cs index d533e6c52..251b8db96 100644 --- a/crypto/src/crmf/PkiArchiveControl.cs +++ b/crypto/src/crmf/PkiArchiveControl.cs @@ -1,6 +1,5 @@ using System; -using System.Collections.Generic; -using System.Text; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cms; using Org.BouncyCastle.Asn1.Crmf; @@ -8,7 +7,8 @@ using Org.BouncyCastle.Cms; namespace Org.BouncyCastle.Crmf { - public class PkiArchiveControl:IControl + public class PkiArchiveControl + : IControl { public static readonly int encryptedPrivKey = PkiArchiveOptions.encryptedPrivKey; public static readonly int keyGenParameters = PkiArchiveOptions.keyGenParameters; @@ -33,7 +33,7 @@ namespace Org.BouncyCastle.Crmf /// <returns>CRMFObjectIdentifiers.id_regCtrl_pkiArchiveOptions</returns> public DerObjectIdentifier Type { - + get { return type; } } @@ -87,9 +87,8 @@ namespace Org.BouncyCastle.Crmf } catch (Exception e) { - throw new CrmfException("CRMF parsing error: "+e.Message, e); + throw new CrmfException("CRMF parsing error: " + e.Message, e); } } - } } diff --git a/crypto/src/crmf/PkiArchiveControlBuilder.cs b/crypto/src/crmf/PkiArchiveControlBuilder.cs index 2677e4e0d..d79f3b5ed 100644 --- a/crypto/src/crmf/PkiArchiveControlBuilder.cs +++ b/crypto/src/crmf/PkiArchiveControlBuilder.cs @@ -1,5 +1,6 @@ using System; using System.IO; + using Org.BouncyCastle.Asn1.Cms; using Org.BouncyCastle.Asn1.Crmf; using Org.BouncyCastle.Asn1.Pkcs; @@ -30,7 +31,7 @@ namespace Org.BouncyCastle.Crmf } catch (IOException e) { - throw new InvalidOperationException("unable to encode key and general name info"); + throw new InvalidOperationException("unable to encode key and general name info", e); } this.envGen = new CmsEnvelopedDataGenerator(); @@ -55,4 +56,4 @@ namespace Org.BouncyCastle.Crmf return new PkiArchiveControl(new PkiArchiveOptions(new EncryptedKey(envD))); } } -} \ No newline at end of file +} diff --git a/crypto/src/crmf/ProofOfPossessionSigningKeyBuilder.cs b/crypto/src/crmf/ProofOfPossessionSigningKeyBuilder.cs index 8457585ff..49d10a6bf 100644 --- a/crypto/src/crmf/ProofOfPossessionSigningKeyBuilder.cs +++ b/crypto/src/crmf/ProofOfPossessionSigningKeyBuilder.cs @@ -1,12 +1,10 @@ using System; -using System.Collections.Generic; -using System.Text; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Crmf; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Operators; -using Org.BouncyCastle.Crypto.Paddings; namespace Org.BouncyCastle.Crmf { @@ -27,14 +25,14 @@ namespace Org.BouncyCastle.Crmf this._pubKeyInfo = pubKeyInfo; } - public ProofOfPossessionSigningKeyBuilder setSender(GeneralName name) + public ProofOfPossessionSigningKeyBuilder SetSender(GeneralName name) { this._name = name; return this; } - public ProofOfPossessionSigningKeyBuilder setPublicKeyMac(PKMacBuilder generator, char[] password) + public ProofOfPossessionSigningKeyBuilder SetPublicKeyMac(PKMacBuilder generator, char[] password) { IMacFactory fact = generator.Build(password); @@ -51,7 +49,7 @@ namespace Org.BouncyCastle.Crmf return this; } - public PopoSigningKey build(ISignatureFactory signer) + public PopoSigningKey Build(ISignatureFactory signer) { if (_name != null && _publicKeyMAC != null) { diff --git a/crypto/src/crmf/RegTokenControl.cs b/crypto/src/crmf/RegTokenControl.cs index 90e956f67..43484097c 100644 --- a/crypto/src/crmf/RegTokenControl.cs +++ b/crypto/src/crmf/RegTokenControl.cs @@ -1,17 +1,15 @@ using System; -using System.Collections.Generic; -using System.Text; -using Org.BouncyCastle.Crmf; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Crmf; namespace Org.BouncyCastle.Crmf { - public class RegTokenControl:IControl + public class RegTokenControl + : IControl { private static readonly DerObjectIdentifier type = CrmfObjectIdentifiers.id_regCtrl_regToken; - + private readonly DerUtf8String token; /// <summary> @@ -22,11 +20,12 @@ namespace Org.BouncyCastle.Crmf { this.token = token; } + /// <summary> /// Basic constructor - build from a string representing the token. /// </summary> /// <param name="token">string representing the token.</param> - public RegTokenControl(String token) + public RegTokenControl(string token) { this.token = new DerUtf8String(token); } diff --git a/crypto/src/crypto/ICipher.cs b/crypto/src/crypto/ICipher.cs index 9041e61ad..3768ee0e3 100644 --- a/crypto/src/crypto/ICipher.cs +++ b/crypto/src/crypto/ICipher.cs @@ -1,7 +1,5 @@ using System; -using System.Collections.Generic; using System.IO; -using System.Text; namespace Org.BouncyCastle.Crypto { diff --git a/crypto/src/crypto/ICipherBuilder.cs b/crypto/src/crypto/ICipherBuilder.cs index 5d4d1279c..9b0e2b343 100644 --- a/crypto/src/crypto/ICipherBuilder.cs +++ b/crypto/src/crypto/ICipherBuilder.cs @@ -6,19 +6,19 @@ namespace Org.BouncyCastle.Crypto /// <summary> /// Base interface for cipher builders. /// </summary> - public interface ICipherBuilder - { + public interface ICipherBuilder + { /// <summary> /// Return the algorithm and parameter details associated with any cipher built. /// </summary> - Object AlgorithmDetails { get ; } + object AlgorithmDetails { get; } /// <summary> /// Return the maximum output size that a given input will produce. /// </summary> /// <param name="inputLen">the length of the expected input.</param> /// <returns>The maximum possible output size that can produced for the expected input length.</returns> - int GetMaxOutputSize (int inputLen); + int GetMaxOutputSize(int inputLen); /// <summary> /// Build a cipher that operates on the passed in stream. @@ -26,6 +26,5 @@ namespace Org.BouncyCastle.Crypto /// <param name="stream">The stream to write/read any encrypted/decrypted data.</param> /// <returns>A cipher based around the given stream.</returns> ICipher BuildCipher(Stream stream); - } + } } - diff --git a/crypto/src/crypto/ICipherBuilderWithKey.cs b/crypto/src/crypto/ICipherBuilderWithKey.cs index 01a7a2caf..8e79a5e0e 100644 --- a/crypto/src/crypto/ICipherBuilderWithKey.cs +++ b/crypto/src/crypto/ICipherBuilderWithKey.cs @@ -1,10 +1,12 @@ - +using System; + namespace Org.BouncyCastle.Crypto { /// <summary> /// A cipher builder that can also return the key it was initialized with. /// </summary> - public interface ICipherBuilderWithKey: ICipherBuilder + public interface ICipherBuilderWithKey + : ICipherBuilder { /// <summary> /// Return the key we were initialized with. diff --git a/crypto/src/crypto/IDecryptorBuilderProvider.cs b/crypto/src/crypto/IDecryptorBuilderProvider.cs index 7f151e3ae..42ef2be18 100644 --- a/crypto/src/crypto/IDecryptorBuilderProvider.cs +++ b/crypto/src/crypto/IDecryptorBuilderProvider.cs @@ -12,7 +12,6 @@ namespace Org.BouncyCastle.Crypto /// </summary> /// <param name="algorithmDetails">The algorithm details/parameters to use to create the final cipher.</param> /// <returns>A new cipher builder.</returns> - ICipherBuilder CreateDecryptorBuilder (Object algorithmDetails); + ICipherBuilder CreateDecryptorBuilder(object algorithmDetails); } } - diff --git a/crypto/src/crypto/IKeyUnwrapper.cs b/crypto/src/crypto/IKeyUnwrapper.cs index 2e280d912..18d5a8d9f 100644 --- a/crypto/src/crypto/IKeyUnwrapper.cs +++ b/crypto/src/crypto/IKeyUnwrapper.cs @@ -6,11 +6,11 @@ namespace Org.BouncyCastle.Crypto /// Base interface for a key unwrapper. /// </summary> public interface IKeyUnwrapper - { + { /// <summary> /// The parameter set used to configure this key unwrapper. /// </summary> - Object AlgorithmDetails { get; } + object AlgorithmDetails { get; } /// <summary> /// Unwrap the passed in data. @@ -20,6 +20,5 @@ namespace Org.BouncyCastle.Crypto /// <param name="length">The length of the data to be unwrapped.</param> /// <returns>an IBlockResult containing the unwrapped key data.</returns> IBlockResult Unwrap(byte[] cipherText, int offset, int length); - } + } } - diff --git a/crypto/src/crypto/IKeyWrapper.cs b/crypto/src/crypto/IKeyWrapper.cs index d3ece2de2..27f338420 100644 --- a/crypto/src/crypto/IKeyWrapper.cs +++ b/crypto/src/crypto/IKeyWrapper.cs @@ -1,6 +1,4 @@ using System; -using System.Collections.Generic; -using System.Text; namespace Org.BouncyCastle.Crypto { @@ -12,7 +10,7 @@ namespace Org.BouncyCastle.Crypto /// <summary> /// The parameter set used to configure this key wrapper. /// </summary> - Object AlgorithmDetails { get; } + object AlgorithmDetails { get; } /// <summary> /// Wrap the passed in key data. diff --git a/crypto/src/crypto/IMacFactory.cs b/crypto/src/crypto/IMacFactory.cs index d6b7ddfa7..9180ef1ea 100644 --- a/crypto/src/crypto/IMacFactory.cs +++ b/crypto/src/crypto/IMacFactory.cs @@ -1,13 +1,11 @@ using System; -using System.Collections.Generic; -using System.Text; namespace Org.BouncyCastle.Crypto { public interface IMacFactory { /// <summary>The algorithm details object for this calculator.</summary> - Object AlgorithmDetails { get; } + object AlgorithmDetails { get; } /// <summary> /// Create a stream calculator for this signature calculator. The stream diff --git a/crypto/src/crypto/Security.cs b/crypto/src/crypto/Security.cs index 716679044..f6f6924a0 100644 --- a/crypto/src/crypto/Security.cs +++ b/crypto/src/crypto/Security.cs @@ -1,4 +1,7 @@ -using Org.BouncyCastle.Crypto; +using System; +using System.Text; + +using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Digests; using Org.BouncyCastle.Crypto.Engines; using Org.BouncyCastle.Crypto.Generators; @@ -6,23 +9,17 @@ using Org.BouncyCastle.Crypto.Modes; using Org.BouncyCastle.Crypto.Paddings; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Security; -using System; -using System.Text; +using Org.BouncyCastle.Utilities.Encoders; namespace crypto { public class Security { // USAGE - //var key = Security.GenerateText(32); - //var iv = Security.GenerateText(16); - //var encrypted = Security.Encrypt("MY SECRET", key, iv); - - //var dencrypted = Security.Decrypt(encrypted, key, iv); - + //var decrypted = Security.Decrypt(encrypted, key, iv); /// <summary> /// Return a salted hash based on PBKDF2 for the UTF-8 encoding of the argument text. @@ -30,79 +27,50 @@ namespace crypto /// <param name="text">Provided key text</param> /// <param name="salt">Base64 encoded string representing the salt</param> /// <returns></returns> - public static String ComputeHash(string text, string salt) + public static string ComputeHash(string text, string salt) { - var data = Encoding.UTF8.GetBytes(text); - var sha = new Sha512Digest(); - var gen = new Pkcs5S2ParametersGenerator(sha); + byte[] data = Encoding.UTF8.GetBytes(text); + Sha512Digest sha = new Sha512Digest(); + Pkcs5S2ParametersGenerator gen = new Pkcs5S2ParametersGenerator(sha); - gen.Init(data, Convert.FromBase64String(salt), 2048); + gen.Init(data, Base64.Decode(salt), 2048); - return Convert.ToBase64String(((KeyParameter)gen.GenerateDerivedParameters(sha.GetDigestSize() * 8)).GetKey()); + return Base64.ToBase64String(((KeyParameter)gen.GenerateDerivedParameters(sha.GetDigestSize() * 8)).GetKey()); } - public static String Decrypt(String cipherText, String key, String iv) - + public static string Decrypt(string cipherText, string key, string iv) { - - var cipher = CreateCipher(false, key, iv); - - var textAsBytes = cipher.DoFinal(Convert.FromBase64String(cipherText)); - - + IBufferedCipher cipher = CreateCipher(false, key, iv); + byte[] textAsBytes = cipher.DoFinal(Base64.Decode(cipherText)); return Encoding.UTF8.GetString(textAsBytes, 0, textAsBytes.Length); - } - - - public static String Encrypt(String plainText, String key, String iv) - + public static string Encrypt(string plainText, string key, string iv) { + IBufferedCipher cipher = CreateCipher(true, key, iv); - var cipher = CreateCipher(true, key, iv); - - - - return Convert.ToBase64String(cipher.DoFinal(Encoding.UTF8.GetBytes(plainText))); - + return Base64.ToBase64String(cipher.DoFinal(Encoding.UTF8.GetBytes(plainText))); } - - - public static String GenerateText(int size) - + public static string GenerateText(int size) { - - var textAsBytes = new Byte[size]; - - var secureRandom = SecureRandom.GetInstance("SHA256PRNG", true); - - + byte[] textAsBytes = new byte[size]; + SecureRandom secureRandom = SecureRandom.GetInstance("SHA256PRNG", true); secureRandom.NextBytes(textAsBytes); - - return Convert.ToBase64String(textAsBytes); - + return Base64.ToBase64String(textAsBytes); } - - - private static PaddedBufferedBlockCipher CreateCipher(Boolean isEncryption, String key, String iv) - + private static IBufferedCipher CreateCipher(bool isEncryption, string key, string iv) { - - var cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new RijndaelEngine()), new ISO10126d2Padding()); - - var keyParam = new KeyParameter(Convert.FromBase64String(key)); - - ICipherParameters cipherParams = String.IsNullOrEmpty(iv) ? (ICipherParameters)keyParam : new ParametersWithIV(keyParam, Convert.FromBase64String(iv)); - + IBufferedCipher cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new RijndaelEngine()), new ISO10126d2Padding()); + KeyParameter keyParam = new KeyParameter(Base64.Decode(key)); + ICipherParameters cipherParams = (null == iv || iv.Length < 1) + ? (ICipherParameters)keyParam + : new ParametersWithIV(keyParam, Base64.Decode(iv)); cipher.Init(isEncryption, cipherParams); - return cipher; - } } } diff --git a/crypto/src/crypto/SimpleBlockResult.cs b/crypto/src/crypto/SimpleBlockResult.cs index 01a6c4e01..6cacda63f 100644 --- a/crypto/src/crypto/SimpleBlockResult.cs +++ b/crypto/src/crypto/SimpleBlockResult.cs @@ -2,50 +2,52 @@ namespace Org.BouncyCastle.Crypto { - /// <summary> - /// A simple block result object which just carries a byte array. - /// </summary> - public class SimpleBlockResult: IBlockResult - { - private readonly bool approvedOnlyMode; - private readonly byte[] result; + /// <summary> + /// A simple block result object which just carries a byte array. + /// </summary> + public class SimpleBlockResult + : IBlockResult + { + private readonly byte[] result; /// <summary> /// Base constructor - a wrapper for the passed in byte array. /// </summary> /// <param name="result">The byte array to be wrapped.</param> - public SimpleBlockResult (byte[] result) - { - this.result = result; - } + public SimpleBlockResult(byte[] result) + { + this.result = result; + } - /// <summary> - /// Return the number of bytes in the result - /// </summary> - /// <value>The length of the result in bytes.</value> - public int Length { get { return result.Length; } } + /// <summary> + /// Return the number of bytes in the result + /// </summary> + /// <value>The length of the result in bytes.</value> + public int Length + { + get { return result.Length; } + } - /// <summary> - /// Return the final result of the operation. - /// </summary> - /// <returns>A block of bytes, representing the result of an operation.</returns> - public byte[] Collect() - { + /// <summary> + /// Return the final result of the operation. + /// </summary> + /// <returns>A block of bytes, representing the result of an operation.</returns> + public byte[] Collect() + { return result; - } + } - /// <summary> - /// Store the final result of the operation by copying it into the destination array. - /// </summary> - /// <returns>The number of bytes copied into destination.</returns> - /// <param name="destination">The byte array to copy the result into.</param> - /// <param name="offset">The offset into destination to start copying the result at.</param> - public int Collect(byte[] destination, int offset) - { - Array.Copy (result, 0, destination, offset, result.Length); + /// <summary> + /// Store the final result of the operation by copying it into the destination array. + /// </summary> + /// <returns>The number of bytes copied into destination.</returns> + /// <param name="destination">The byte array to copy the result into.</param> + /// <param name="offset">The offset into destination to start copying the result at.</param> + public int Collect(byte[] destination, int offset) + { + Array.Copy(result, 0, destination, offset, result.Length); - return result.Length; - } - } + return result.Length; + } + } } - diff --git a/crypto/src/crypto/operators/Asn1CipherBuilder.cs b/crypto/src/crypto/operators/Asn1CipherBuilder.cs index adb4507a3..d5840746f 100644 --- a/crypto/src/crypto/operators/Asn1CipherBuilder.cs +++ b/crypto/src/crypto/operators/Asn1CipherBuilder.cs @@ -1,5 +1,7 @@ -using System.Collections; +using System; +using System.Collections; using System.IO; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Asn1.Ntt; @@ -7,44 +9,42 @@ using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Cms; using Org.BouncyCastle.Crypto.IO; using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; using Org.BouncyCastle.Security; using Org.BouncyCastle.Utilities; -using Org.BouncyCastle.Crypto.Utilities; namespace Org.BouncyCastle.Crypto.Operators { - public class Asn1CipherBuilderWithKey:ICipherBuilderWithKey + public class Asn1CipherBuilderWithKey : ICipherBuilderWithKey { - private readonly KeyParameter encKey; private AlgorithmIdentifier algorithmIdentifier; - - + public Asn1CipherBuilderWithKey(DerObjectIdentifier encryptionOID, int keySize, SecureRandom random) { if (random == null) { - random= new SecureRandom(); + random = new SecureRandom(); } + CipherKeyGenerator keyGen = CipherKeyGeneratorFactory.CreateKeyGenerator(encryptionOID, random); - + encKey = new KeyParameter(keyGen.GenerateKey()); algorithmIdentifier = AlgorithmIdentifierFactory.GenerateEncryptionAlgID(encryptionOID, encKey.GetKey().Length * 8, random); } - public object AlgorithmDetails { get { return algorithmIdentifier; } } + public int GetMaxOutputSize(int inputLen) { - throw new System.NotImplementedException(); + throw new NotImplementedException(); } public ICipher BuildCipher(Stream stream) { - object cipher = EnvelopedDataHelper.CreateContentCipher(true, encKey, algorithmIdentifier); // @@ -54,7 +54,7 @@ namespace Org.BouncyCastle.Crypto.Operators if (cipher is IStreamCipher) { - cipher = new BufferedStreamCipher((IStreamCipher)cipher); + cipher = new BufferedStreamCipher((IStreamCipher)cipher); } if (stream == null) @@ -62,7 +62,7 @@ namespace Org.BouncyCastle.Crypto.Operators stream = new MemoryStream(); } - return new BufferedCipherWrapper((IBufferedCipher)cipher,stream); + return new BufferedCipherWrapper((IBufferedCipher)cipher, stream); } public ICipherParameters Key diff --git a/crypto/src/crypto/operators/Asn1KeyWrapper.cs b/crypto/src/crypto/operators/Asn1KeyWrapper.cs index ffce7f63a..e2b2f8a37 100644 --- a/crypto/src/crypto/operators/Asn1KeyWrapper.cs +++ b/crypto/src/crypto/operators/Asn1KeyWrapper.cs @@ -1,22 +1,21 @@ using System; using System.Collections; -using System.Collections.Generic; -using System.Text; -using Org.BouncyCastle.X509; + using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Crypto.Digests; using Org.BouncyCastle.Crypto.Encodings; using Org.BouncyCastle.Crypto.Engines; -using Org.BouncyCastle.Utilities; -using Org.BouncyCastle.Asn1.Oiw; -using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; namespace Org.BouncyCastle.Crypto.Operators { - public class Asn1KeyWrapper : IKeyWrapper + public class Asn1KeyWrapper + : IKeyWrapper { private string algorithm; private IKeyWrapper wrapper; @@ -47,11 +46,11 @@ namespace Org.BouncyCastle.Crypto.Operators static KeyWrapperUtil() { - providerMap["RSA/NONE/OAEPWITHSHA1ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha1_Oaep); - providerMap["RSA/NONE/OAEPWITHSHA224ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha224_Oaep); - providerMap["RSA/NONE/OAEPWITHSHA256ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha256_Oaep); - providerMap["RSA/NONE/OAEPWITHSHA384ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha384_Oaep); - providerMap["RSA/NONE/OAEPWITHSHA512ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha512_Oaep); + providerMap.Add("RSA/NONE/OAEPWITHSHA1ANDMGF1PADDING", new RsaOaepWrapperProvider(OiwObjectIdentifiers.IdSha1)); + providerMap.Add("RSA/NONE/OAEPWITHSHA224ANDMGF1PADDING", new RsaOaepWrapperProvider(NistObjectIdentifiers.IdSha224)); + providerMap.Add("RSA/NONE/OAEPWITHSHA256ANDMGF1PADDING", new RsaOaepWrapperProvider(NistObjectIdentifiers.IdSha256)); + providerMap.Add("RSA/NONE/OAEPWITHSHA384ANDMGF1PADDING", new RsaOaepWrapperProvider(NistObjectIdentifiers.IdSha384)); + providerMap.Add("RSA/NONE/OAEPWITHSHA512ANDMGF1PADDING", new RsaOaepWrapperProvider(NistObjectIdentifiers.IdSha512)); } public static IKeyWrapper WrapperForName(string algorithm, ICipherParameters parameters) @@ -59,77 +58,28 @@ namespace Org.BouncyCastle.Crypto.Operators WrapperProvider provider = (WrapperProvider)providerMap[Strings.ToUpperCase(algorithm)]; if (provider == null) - { throw new ArgumentException("could not resolve " + algorithm + " to a KeyWrapper"); - } - return (IKeyWrapper)provider.createWrapper(true, parameters); + return (IKeyWrapper)provider.CreateWrapper(true, parameters); } public static IKeyUnwrapper UnwrapperForName(string algorithm, ICipherParameters parameters) { WrapperProvider provider = (WrapperProvider)providerMap[Strings.ToUpperCase(algorithm)]; if (provider == null) - { throw new ArgumentException("could not resolve " + algorithm + " to a KeyUnwrapper"); - } - - return (IKeyUnwrapper)provider.createWrapper(false, parameters); - } - } - - internal delegate object WrapperCreatorDelegate(bool forWrapping, ICipherParameters parameters); - - /// <summary> - /// Wraps delegate and implements the WrapperProvider Interface. - /// </summary> - internal class WrapperCreator : WrapperProvider - { - private readonly WrapperCreatorDelegate creator; - public WrapperCreator(WrapperCreatorDelegate creator) - { - this.creator = creator; - } - - public object createWrapper(bool forWrapping, ICipherParameters parameters) - { - return this.creator.Invoke(forWrapping, parameters); + return (IKeyUnwrapper)provider.CreateWrapper(false, parameters); } } internal interface WrapperProvider { - object createWrapper(bool forWrapping, ICipherParameters parameters); + object CreateWrapper(bool forWrapping, ICipherParameters parameters); } internal class RsaOaepWrapper : IKeyWrapper, IKeyUnwrapper { - internal static object Rsa_Sha1_Oaep(bool forWrapping, ICipherParameters parameters) - { - return new RsaOaepWrapper(forWrapping, parameters, OiwObjectIdentifiers.IdSha1); - } - - internal static object Rsa_Sha224_Oaep(bool forWrapping, ICipherParameters parameters) - { - return new RsaOaepWrapper(forWrapping, parameters, NistObjectIdentifiers.IdSha224); - } - - internal static object Rsa_Sha256_Oaep(bool forWrapping, ICipherParameters parameters) - { - return new RsaOaepWrapper(forWrapping, parameters, NistObjectIdentifiers.IdSha256); - } - - internal static object Rsa_Sha384_Oaep(bool forWrapping, ICipherParameters parameters) - { - return new RsaOaepWrapper(forWrapping, parameters, NistObjectIdentifiers.IdSha384); - } - - internal static object Rsa_Sha512_Oaep(bool forWrapping, ICipherParameters parameters) - { - return new RsaOaepWrapper(forWrapping, parameters, NistObjectIdentifiers.IdSha512); - } - private readonly AlgorithmIdentifier algId; private readonly IAsymmetricBlockCipher engine; @@ -149,10 +99,7 @@ namespace Org.BouncyCastle.Crypto.Operators public object AlgorithmDetails { - get - { - return algId; - } + get { return algId; } } public IBlockResult Unwrap(byte[] cipherText, int offset, int length) @@ -165,4 +112,20 @@ namespace Org.BouncyCastle.Crypto.Operators return new SimpleBlockResult(engine.ProcessBlock(keyData, 0, keyData.Length)); } } + + internal class RsaOaepWrapperProvider + : WrapperProvider + { + private readonly DerObjectIdentifier digestOid; + + internal RsaOaepWrapperProvider(DerObjectIdentifier digestOid) + { + this.digestOid = digestOid; + } + + object WrapperProvider.CreateWrapper(bool forWrapping, ICipherParameters parameters) + { + return new RsaOaepWrapper(forWrapping, parameters, digestOid); + } + } } diff --git a/crypto/src/crypto/operators/CmsContentEncryptorBuilder.cs b/crypto/src/crypto/operators/CmsContentEncryptorBuilder.cs index da9e32f9e..690e970cb 100644 --- a/crypto/src/crypto/operators/CmsContentEncryptorBuilder.cs +++ b/crypto/src/crypto/operators/CmsContentEncryptorBuilder.cs @@ -1,5 +1,7 @@ -using System.Collections; +using System; +using System.Collections; using System.IO; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Asn1.Ntt; @@ -16,25 +18,24 @@ namespace Org.BouncyCastle.Operators { public class CmsContentEncryptorBuilder { - private static readonly IDictionary keySizes = Platform.CreateHashtable(); + private static readonly IDictionary KeySizes = Platform.CreateHashtable(); static CmsContentEncryptorBuilder() { - keySizes[NistObjectIdentifiers.IdAes128Cbc] = 128; - keySizes[NistObjectIdentifiers.IdAes192Cbc] =192; - keySizes[NistObjectIdentifiers.IdAes256Cbc] =256; + KeySizes[NistObjectIdentifiers.IdAes128Cbc] = 128; + KeySizes[NistObjectIdentifiers.IdAes192Cbc] = 192; + KeySizes[NistObjectIdentifiers.IdAes256Cbc] = 256; - - keySizes[NttObjectIdentifiers.IdCamellia128Cbc] =128; - keySizes[NttObjectIdentifiers.IdCamellia192Cbc] =192; - keySizes[NttObjectIdentifiers.IdCamellia256Cbc] =256; + KeySizes[NttObjectIdentifiers.IdCamellia128Cbc] = 128; + KeySizes[NttObjectIdentifiers.IdCamellia192Cbc] = 192; + KeySizes[NttObjectIdentifiers.IdCamellia256Cbc] = 256; } - private static int getKeySize(DerObjectIdentifier oid) + private static int GetKeySize(DerObjectIdentifier oid) { - if (keySizes.Contains(oid)) + if (KeySizes.Contains(oid)) { - return (int)keySizes[oid]; + return (int)KeySizes[oid]; } return -1; @@ -43,11 +44,12 @@ namespace Org.BouncyCastle.Operators private readonly DerObjectIdentifier encryptionOID; private readonly int keySize; - - private EnvelopedDataHelper helper = new EnvelopedDataHelper(); - private SecureRandom random; + private readonly EnvelopedDataHelper helper = new EnvelopedDataHelper(); + //private SecureRandom random; - public CmsContentEncryptorBuilder(DerObjectIdentifier encryptionOID):this(encryptionOID, getKeySize(encryptionOID)) { + public CmsContentEncryptorBuilder(DerObjectIdentifier encryptionOID) + : this(encryptionOID, GetKeySize(encryptionOID)) + { } public CmsContentEncryptorBuilder(DerObjectIdentifier encryptionOID, int keySize) @@ -58,7 +60,8 @@ namespace Org.BouncyCastle.Operators public ICipherBuilderWithKey Build() { - return new Asn1CipherBuilderWithKey(encryptionOID,keySize,random); + //return new Asn1CipherBuilderWithKey(encryptionOID, keySize, random); + return new Asn1CipherBuilderWithKey(encryptionOID, keySize, null); } } } diff --git a/crypto/src/crypto/operators/CmsKeyTransRecipientInfoGenerator.cs b/crypto/src/crypto/operators/CmsKeyTransRecipientInfoGenerator.cs index 997231b6e..b73c41dbd 100644 --- a/crypto/src/crypto/operators/CmsKeyTransRecipientInfoGenerator.cs +++ b/crypto/src/crypto/operators/CmsKeyTransRecipientInfoGenerator.cs @@ -1,16 +1,20 @@ -using Org.BouncyCastle.Asn1.X509; +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Cms; using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Asn1; using Org.BouncyCastle.X509; namespace Org.BouncyCastle.Operators { - public class CmsKeyTransRecipientInfoGenerator: KeyTransRecipientInfoGenerator + public class CmsKeyTransRecipientInfoGenerator + : KeyTransRecipientInfoGenerator { - private IKeyWrapper keyWrapper; + private readonly IKeyWrapper keyWrapper; - public CmsKeyTransRecipientInfoGenerator(X509Certificate recipCert, IKeyWrapper keyWrapper): base(new Asn1.Cms.IssuerAndSerialNumber(recipCert.IssuerDN, new DerInteger(recipCert.SerialNumber))) + public CmsKeyTransRecipientInfoGenerator(X509Certificate recipCert, IKeyWrapper keyWrapper) + : base(new Asn1.Cms.IssuerAndSerialNumber(recipCert.IssuerDN, new DerInteger(recipCert.SerialNumber))) { this.keyWrapper = keyWrapper; this.RecipientCert = recipCert; @@ -24,10 +28,7 @@ namespace Org.BouncyCastle.Operators protected override AlgorithmIdentifier AlgorithmDetails { - get - { - return (AlgorithmIdentifier)keyWrapper.AlgorithmDetails; - } + get { return (AlgorithmIdentifier)keyWrapper.AlgorithmDetails; } } protected override byte[] GenerateWrappedKey(Crypto.Parameters.KeyParameter contentKey) diff --git a/crypto/src/crypto/operators/GenericKey.cs b/crypto/src/crypto/operators/GenericKey.cs index b2df74661..89512c7b0 100644 --- a/crypto/src/crypto/operators/GenericKey.cs +++ b/crypto/src/crypto/operators/GenericKey.cs @@ -1,18 +1,17 @@ using System; -using System.Collections.Generic; -using System.Text; + using Org.BouncyCastle.Asn1.X509; namespace Org.BouncyCastle.Crypto.Operators { public class GenericKey { - private AlgorithmIdentifier algorithmIdentifier; - private object representation; + private readonly AlgorithmIdentifier algorithmIdentifier; + private readonly object representation; public GenericKey(object representation) { - algorithmIdentifier = null; + this.algorithmIdentifier = null; this.representation = representation; } diff --git a/crypto/src/crypto/parameters/ECGOST3410Parameters.cs b/crypto/src/crypto/parameters/ECGOST3410Parameters.cs index a3aa1953c..6abcb1647 100644 --- a/crypto/src/crypto/parameters/ECGOST3410Parameters.cs +++ b/crypto/src/crypto/parameters/ECGOST3410Parameters.cs @@ -1,12 +1,14 @@ -using Org.BouncyCastle.Asn1; +using System; + +using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Math; using Org.BouncyCastle.Math.EC; namespace Org.BouncyCastle.Crypto.Parameters { - public class ECGost3410Parameters : ECNamedDomainParameters + public class ECGost3410Parameters + : ECNamedDomainParameters { - private readonly DerObjectIdentifier _publicKeyParamSet; private readonly DerObjectIdentifier _digestParamSet; private readonly DerObjectIdentifier _encryptionParamSet; @@ -30,22 +32,22 @@ namespace Org.BouncyCastle.Crypto.Parameters ECNamedDomainParameters dp, DerObjectIdentifier publicKeyParamSet, DerObjectIdentifier digestParamSet, - DerObjectIdentifier encryptionParamSet) : base(dp.Name, dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed()) + DerObjectIdentifier encryptionParamSet) + : base(dp.Name, dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed()) { this._publicKeyParamSet = publicKeyParamSet; this._digestParamSet = digestParamSet; this._encryptionParamSet = encryptionParamSet; } - public ECGost3410Parameters(ECDomainParameters dp, DerObjectIdentifier publicKeyParamSet, DerObjectIdentifier digestParamSet, - DerObjectIdentifier encryptionParamSet) : base(publicKeyParamSet, dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed()) + DerObjectIdentifier encryptionParamSet) + : base(publicKeyParamSet, dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed()) { this._publicKeyParamSet = publicKeyParamSet; this._digestParamSet = digestParamSet; this._encryptionParamSet = encryptionParamSet; } - } -} \ No newline at end of file +} diff --git a/crypto/src/crypto/parameters/ECNamedDomainParameters.cs b/crypto/src/crypto/parameters/ECNamedDomainParameters.cs index 34e390a8f..4b8e2558f 100644 --- a/crypto/src/crypto/parameters/ECNamedDomainParameters.cs +++ b/crypto/src/crypto/parameters/ECNamedDomainParameters.cs @@ -1,35 +1,42 @@ -using Org.BouncyCastle.Asn1; +using System; + +using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Math; using Org.BouncyCastle.Math.EC; namespace Org.BouncyCastle.Crypto.Parameters { - public class ECNamedDomainParameters : ECDomainParameters + public class ECNamedDomainParameters + : ECDomainParameters { - private DerObjectIdentifier name; + private readonly DerObjectIdentifier name; public DerObjectIdentifier Name { get { return name; } } - public ECNamedDomainParameters(DerObjectIdentifier name, ECDomainParameters dp) : this(name, dp.curve, dp.g, dp.n, dp.h, dp.seed) - { } - + public ECNamedDomainParameters(DerObjectIdentifier name, ECDomainParameters dp) + : this(name, dp.curve, dp.g, dp.n, dp.h, dp.seed) + { + } - public ECNamedDomainParameters(DerObjectIdentifier name, ECCurve curve, ECPoint g, BigInteger n) : base(curve, g, n) + public ECNamedDomainParameters(DerObjectIdentifier name, ECCurve curve, ECPoint g, BigInteger n) + : base(curve, g, n) { this.name = name; } - public ECNamedDomainParameters(DerObjectIdentifier name, ECCurve curve, ECPoint g, BigInteger n, BigInteger h) : base(curve, g, n, h) + public ECNamedDomainParameters(DerObjectIdentifier name, ECCurve curve, ECPoint g, BigInteger n, BigInteger h) + : base(curve, g, n, h) { this.name = name; } - public ECNamedDomainParameters(DerObjectIdentifier name, ECCurve curve, ECPoint g, BigInteger n, BigInteger h, byte[] seed) : base(curve, g, n, h, seed) + public ECNamedDomainParameters(DerObjectIdentifier name, ECCurve curve, ECPoint g, BigInteger n, BigInteger h, byte[] seed) + : base(curve, g, n, h, seed) { this.name = name; } } -} \ No newline at end of file +} diff --git a/crypto/src/crypto/signers/DsaDigestSigner.cs b/crypto/src/crypto/signers/DsaDigestSigner.cs index 7fd8f535f..15444a0f7 100644 --- a/crypto/src/crypto/signers/DsaDigestSigner.cs +++ b/crypto/src/crypto/signers/DsaDigestSigner.cs @@ -126,7 +126,7 @@ namespace Org.BouncyCastle.Crypto.Signers return dsa.VerifySignature(hash, sig[0], sig[1]); } - catch (Exception e) + catch (Exception) { return false; } diff --git a/crypto/src/crypto/tls/AbstractTlsClient.cs b/crypto/src/crypto/tls/AbstractTlsClient.cs index bddbab87f..356aab8d2 100644 --- a/crypto/src/crypto/tls/AbstractTlsClient.cs +++ b/crypto/src/crypto/tls/AbstractTlsClient.cs @@ -34,7 +34,7 @@ namespace Org.BouncyCastle.Crypto.Tls { switch (extensionType) { - case ExtensionType.elliptic_curves: + case ExtensionType.supported_groups: /* * Exception added based on field reports that some servers do send this, although the * Supported Elliptic Curves Extension is clearly intended to be client-only. If @@ -198,7 +198,7 @@ namespace Org.BouncyCastle.Crypto.Tls */ CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.signature_algorithms); - CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.elliptic_curves); + CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.supported_groups); if (TlsEccUtilities.IsEccCipherSuite(this.mSelectedCipherSuite)) { diff --git a/crypto/src/crypto/tls/DtlsReliableHandshake.cs b/crypto/src/crypto/tls/DtlsReliableHandshake.cs index 396ea7483..8715cd799 100644 --- a/crypto/src/crypto/tls/DtlsReliableHandshake.cs +++ b/crypto/src/crypto/tls/DtlsReliableHandshake.cs @@ -114,7 +114,7 @@ namespace Org.BouncyCastle.Crypto.Tls } } } - catch (IOException e) + catch (IOException) { // NOTE: Assume this is a timeout for the moment } diff --git a/crypto/src/crypto/tls/TlsEccUtilities.cs b/crypto/src/crypto/tls/TlsEccUtilities.cs index fb31e1b07..7b7e89f84 100644 --- a/crypto/src/crypto/tls/TlsEccUtilities.cs +++ b/crypto/src/crypto/tls/TlsEccUtilities.cs @@ -26,7 +26,7 @@ namespace Org.BouncyCastle.Crypto.Tls public static void AddSupportedEllipticCurvesExtension(IDictionary extensions, int[] namedCurves) { - extensions[ExtensionType.elliptic_curves] = CreateSupportedEllipticCurvesExtension(namedCurves); + extensions[ExtensionType.supported_groups] = CreateSupportedEllipticCurvesExtension(namedCurves); } public static void AddSupportedPointFormatsExtension(IDictionary extensions, byte[] ecPointFormats) @@ -36,7 +36,7 @@ namespace Org.BouncyCastle.Crypto.Tls public static int[] GetSupportedEllipticCurvesExtension(IDictionary extensions) { - byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.elliptic_curves); + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.supported_groups); return extensionData == null ? null : ReadSupportedEllipticCurvesExtension(extensionData); } diff --git a/crypto/src/crypto/tls/TlsUtilities.cs b/crypto/src/crypto/tls/TlsUtilities.cs index e6bd253aa..9f4aac651 100644 --- a/crypto/src/crypto/tls/TlsUtilities.cs +++ b/crypto/src/crypto/tls/TlsUtilities.cs @@ -2341,7 +2341,7 @@ namespace Org.BouncyCastle.Crypto.Tls { keyExchangeAlgorithm = GetKeyExchangeAlgorithm(cipherSuite); } - catch (IOException e) + catch (IOException) { return true; } diff --git a/crypto/src/crypto/util/AlgorithmIdentifierFactory.cs b/crypto/src/crypto/util/AlgorithmIdentifierFactory.cs index 20eac84ce..ad4d31ede 100644 --- a/crypto/src/crypto/util/AlgorithmIdentifierFactory.cs +++ b/crypto/src/crypto/util/AlgorithmIdentifierFactory.cs @@ -1,4 +1,5 @@ using System; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Kisa; using Org.BouncyCastle.Asn1.Misc; diff --git a/crypto/src/crypto/util/CipherFactory.cs b/crypto/src/crypto/util/CipherFactory.cs index 0a4010b42..f5998267d 100644 --- a/crypto/src/crypto/util/CipherFactory.cs +++ b/crypto/src/crypto/util/CipherFactory.cs @@ -1,4 +1,5 @@ using System; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Kisa; using Org.BouncyCastle.Asn1.Misc; @@ -11,15 +12,13 @@ using Org.BouncyCastle.Crypto.Engines; using Org.BouncyCastle.Crypto.Modes; using Org.BouncyCastle.Crypto.Paddings; using Org.BouncyCastle.Crypto.Parameters; -using Org.BouncyCastle.Crypto.Utilities; -namespace Org.BouncyCastle.Crypto.Utilites +namespace Org.BouncyCastle.Crypto.Utilities { public class CipherFactory { private CipherFactory() { - } private static readonly short[] rc2Ekb = @@ -50,15 +49,12 @@ namespace Org.BouncyCastle.Crypto.Utilites if (encAlg.Equals(PkcsObjectIdentifiers.rc4)) { IStreamCipher cipher = new RC4Engine(); - cipher.Init(forEncryption, encKey); - return cipher; } else { BufferedBlockCipher cipher = CreateCipher(encryptionAlgID.Algorithm); - Asn1Object sParams = encryptionAlgID.Parameters.ToAsn1Object(); if (sParams != null && !(sParams is DerNull)) @@ -110,7 +106,6 @@ namespace Org.BouncyCastle.Crypto.Utilites return cipher; } - } private static BufferedBlockCipher CreateCipher(DerObjectIdentifier algorithm) @@ -118,8 +113,8 @@ namespace Org.BouncyCastle.Crypto.Utilites IBlockCipher cipher; if (NistObjectIdentifiers.IdAes128Cbc.Equals(algorithm) - || NistObjectIdentifiers.IdAes192Cbc.Equals(algorithm) - || NistObjectIdentifiers.IdAes256Cbc.Equals(algorithm)) + || NistObjectIdentifiers.IdAes192Cbc.Equals(algorithm) + || NistObjectIdentifiers.IdAes256Cbc.Equals(algorithm)) { cipher = new CbcBlockCipher(new AesEngine()); } @@ -146,6 +141,5 @@ namespace Org.BouncyCastle.Crypto.Utilites return new PaddedBufferedBlockCipher(cipher, new Pkcs7Padding()); } - } } diff --git a/crypto/src/crypto/util/CipherKeyGeneratorFactory.cs b/crypto/src/crypto/util/CipherKeyGeneratorFactory.cs index f714c40fd..efaad138c 100644 --- a/crypto/src/crypto/util/CipherKeyGeneratorFactory.cs +++ b/crypto/src/crypto/util/CipherKeyGeneratorFactory.cs @@ -1,4 +1,5 @@ using System; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Kisa; using Org.BouncyCastle.Asn1.Nist; @@ -14,74 +15,69 @@ namespace Org.BouncyCastle.Crypto.Utilities { private CipherKeyGeneratorFactory() { - } /** - * Create a key generator for the passed in Object Identifier. - * - * @param algorithm the Object Identifier indicating the algorithn the generator is for. - * @param random a source of random to initialise the generator with. - * @return an initialised CipherKeyGenerator. - * @throws IllegalArgumentException if the algorithm cannot be identified. - */ + * Create a key generator for the passed in Object Identifier. + * + * @param algorithm the Object Identifier indicating the algorithn the generator is for. + * @param random a source of random to initialise the generator with. + * @return an initialised CipherKeyGenerator. + * @throws IllegalArgumentException if the algorithm cannot be identified. + */ public static CipherKeyGenerator CreateKeyGenerator(DerObjectIdentifier algorithm, SecureRandom random) { if (NistObjectIdentifiers.IdAes128Cbc.Equals(algorithm)) { - return createCipherKeyGenerator(random, 128); + return CreateCipherKeyGenerator(random, 128); } else if (NistObjectIdentifiers.IdAes192Cbc.Equals(algorithm)) { - return createCipherKeyGenerator(random, 192); + return CreateCipherKeyGenerator(random, 192); } else if (NistObjectIdentifiers.IdAes256Cbc.Equals(algorithm)) { - return createCipherKeyGenerator(random, 256); + return CreateCipherKeyGenerator(random, 256); } else if (PkcsObjectIdentifiers.DesEde3Cbc.Equals(algorithm)) { DesEdeKeyGenerator keyGen = new DesEdeKeyGenerator(); - keyGen.Init(new KeyGenerationParameters(random, 192)); - return keyGen; } else if (NttObjectIdentifiers.IdCamellia128Cbc.Equals(algorithm)) { - return createCipherKeyGenerator(random, 128); + return CreateCipherKeyGenerator(random, 128); } else if (NttObjectIdentifiers.IdCamellia192Cbc.Equals(algorithm)) { - return createCipherKeyGenerator(random, 192); + return CreateCipherKeyGenerator(random, 192); } else if (NttObjectIdentifiers.IdCamellia256Cbc.Equals(algorithm)) { - return createCipherKeyGenerator(random, 256); + return CreateCipherKeyGenerator(random, 256); } else if (KisaObjectIdentifiers.IdSeedCbc.Equals(algorithm)) { - return createCipherKeyGenerator(random, 128); + return CreateCipherKeyGenerator(random, 128); } else if (AlgorithmIdentifierFactory.CAST5_CBC.Equals(algorithm)) { - return createCipherKeyGenerator(random, 128); + return CreateCipherKeyGenerator(random, 128); } else if (OiwObjectIdentifiers.DesCbc.Equals(algorithm)) { DesKeyGenerator keyGen = new DesKeyGenerator(); - keyGen.Init(new KeyGenerationParameters(random, 64)); - return keyGen; } else if (PkcsObjectIdentifiers.rc4.Equals(algorithm)) { - return createCipherKeyGenerator(random, 128); + return CreateCipherKeyGenerator(random, 128); } else if (PkcsObjectIdentifiers.RC2Cbc.Equals(algorithm)) { - return createCipherKeyGenerator(random, 128); + return CreateCipherKeyGenerator(random, 128); } else { @@ -89,12 +85,10 @@ namespace Org.BouncyCastle.Crypto.Utilities } } - private static CipherKeyGenerator createCipherKeyGenerator(SecureRandom random, int keySize) + private static CipherKeyGenerator CreateCipherKeyGenerator(SecureRandom random, int keySize) { CipherKeyGenerator keyGen = new CipherKeyGenerator(); - keyGen.Init(new KeyGenerationParameters(random, keySize)); - return keyGen; } } diff --git a/crypto/src/math/ec/rfc8032/Ed25519.cs b/crypto/src/math/ec/rfc8032/Ed25519.cs index 6dc52a865..702c48dd3 100644 --- a/crypto/src/math/ec/rfc8032/Ed25519.cs +++ b/crypto/src/math/ec/rfc8032/Ed25519.cs @@ -959,7 +959,7 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032 PointSetNeutral(r); int bit = 255; - while (bit > 0 && (ws_b[bit] | ws_p[bit]) == 0) + while (bit > 0 && ((byte)ws_b[bit] | (byte)ws_p[bit]) == 0) { --bit; } diff --git a/crypto/src/math/ec/rfc8032/Ed448.cs b/crypto/src/math/ec/rfc8032/Ed448.cs index 774052082..597062269 100644 --- a/crypto/src/math/ec/rfc8032/Ed448.cs +++ b/crypto/src/math/ec/rfc8032/Ed448.cs @@ -1046,7 +1046,7 @@ namespace Org.BouncyCastle.Math.EC.Rfc8032 PointSetNeutral(r); int bit = 447; - while (bit > 0 && (ws_b[bit] | ws_p[bit]) == 0) + while (bit > 0 && ((byte)ws_b[bit] | (byte)ws_p[bit]) == 0) { --bit; } diff --git a/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfo.cs b/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfo.cs index 4c4ae83eb..5882dee38 100644 --- a/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfo.cs +++ b/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfo.cs @@ -1,10 +1,11 @@ - +using System; +using System.IO; + using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities; using Org.BouncyCastle.Utilities.IO; -using System; -using System.IO; namespace Org.BouncyCastle.Pkcs { @@ -90,12 +91,11 @@ namespace Org.BouncyCastle.Pkcs ICipher encIn = decryptorBuilder.BuildCipher(new MemoryInputStream(encryptedPrivateKeyInfo.GetEncryptedData())); - using (Stream strm = encIn.Stream) - { - byte[] data = Streams.ReadAll(encIn.Stream); - - return PrivateKeyInfo.GetInstance(data); - } + Stream strm = encIn.Stream; + byte[] data = Streams.ReadAll(encIn.Stream); + Platform.Dispose(strm); + + return PrivateKeyInfo.GetInstance(data); } catch (Exception e) { diff --git a/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfoBuilder.cs b/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfoBuilder.cs index 3b05deea7..8f751492f 100644 --- a/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfoBuilder.cs +++ b/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfoBuilder.cs @@ -1,11 +1,11 @@ -using Org.BouncyCastle.Asn1.Pkcs; +using System; +using System.IO; + +using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities; using Org.BouncyCastle.Utilities.IO; -using System; -using System.Collections.Generic; -using System.IO; -using System.Text; namespace Org.BouncyCastle.Pkcs { @@ -36,10 +36,9 @@ namespace Org.BouncyCastle.Pkcs ICipher cOut = encryptor.BuildCipher(bOut); byte[] keyData = privateKeyInfo.GetEncoded(); - using (var str = cOut.Stream) - { - str.Write(keyData, 0, keyData.Length); - } + Stream str = cOut.Stream; + str.Write(keyData, 0, keyData.Length); + Platform.Dispose(str); return new Pkcs8EncryptedPrivateKeyInfo(new EncryptedPrivateKeyInfo((AlgorithmIdentifier)encryptor.AlgorithmDetails, bOut.ToArray())); } diff --git a/crypto/src/pkcs/PkcsException.cs b/crypto/src/pkcs/PkcsException.cs index f82d36724..7a69ff736 100644 --- a/crypto/src/pkcs/PkcsException.cs +++ b/crypto/src/pkcs/PkcsException.cs @@ -5,13 +5,16 @@ namespace Org.BouncyCastle.Pkcs /// <summary> /// Base exception for PKCS related issues. /// </summary> - public class PkcsException : Exception + public class PkcsException + : Exception { - public PkcsException(String message) : base(message) + public PkcsException(string message) + : base(message) { } - public PkcsException(String message, Exception underlying) : base(message, underlying) + public PkcsException(string message, Exception underlying) + : base(message, underlying) { } } diff --git a/crypto/src/pkix/PkixCertPathValidatorUtilities.cs b/crypto/src/pkix/PkixCertPathValidatorUtilities.cs index 2ccaa32ce..55f4afb19 100644 --- a/crypto/src/pkix/PkixCertPathValidatorUtilities.cs +++ b/crypto/src/pkix/PkixCertPathValidatorUtilities.cs @@ -151,7 +151,7 @@ namespace Org.BouncyCastle.Pkix { return FindTrustAnchor(cert, trustAnchors) != null; } - catch (Exception e) + catch (Exception) { return false; } diff --git a/crypto/src/security/DigestUtilities.cs b/crypto/src/security/DigestUtilities.cs index 7685e3384..a17a9abee 100644 --- a/crypto/src/security/DigestUtilities.cs +++ b/crypto/src/security/DigestUtilities.cs @@ -259,6 +259,11 @@ namespace Org.BouncyCastle.Security return (string) algorithms[oid.Id]; } + public static byte[] CalculateDigest(DerObjectIdentifier id, byte[] input) + { + return CalculateDigest(id.Id, input); + } + public static byte[] CalculateDigest(string algorithm, byte[] input) { IDigest digest = GetDigest(algorithm); diff --git a/crypto/src/util/io/MemoryInputStream.cs b/crypto/src/util/io/MemoryInputStream.cs index d353314ee..cdc5aafb3 100644 --- a/crypto/src/util/io/MemoryInputStream.cs +++ b/crypto/src/util/io/MemoryInputStream.cs @@ -1,13 +1,19 @@ -using System.IO; +using System; +using System.IO; namespace Org.BouncyCastle.Utilities.IO { - public class MemoryInputStream : MemoryStream + public class MemoryInputStream + : MemoryStream { - public MemoryInputStream(byte[] buffer) : base(buffer, false) + public MemoryInputStream(byte[] buffer) + : base(buffer, false) { } - public sealed override bool CanWrite { get { return false; } } + public sealed override bool CanWrite + { + get { return false; } + } } } diff --git a/crypto/src/util/io/MemoryOutputStream.cs b/crypto/src/util/io/MemoryOutputStream.cs index a6de64680..828f23b4a 100644 --- a/crypto/src/util/io/MemoryOutputStream.cs +++ b/crypto/src/util/io/MemoryOutputStream.cs @@ -1,10 +1,14 @@ - +using System; using System.IO; namespace Org.BouncyCastle.Utilities.IO { - public class MemoryOutputStream: MemoryStream + public class MemoryOutputStream + : MemoryStream { - public sealed override bool CanRead { get { return false; } } + public sealed override bool CanRead + { + get { return false; } + } } } diff --git a/crypto/src/x509/X509Certificate.cs b/crypto/src/x509/X509Certificate.cs index 6d7bd7a61..6f2f40411 100644 --- a/crypto/src/x509/X509Certificate.cs +++ b/crypto/src/x509/X509Certificate.cs @@ -8,13 +8,13 @@ using Org.BouncyCastle.Asn1.Misc; using Org.BouncyCastle.Asn1.Utilities; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Math; using Org.BouncyCastle.Security; using Org.BouncyCastle.Security.Certificates; using Org.BouncyCastle.Utilities; using Org.BouncyCastle.Utilities.Encoders; using Org.BouncyCastle.X509.Extension; -using Org.BouncyCastle.Crypto.Operators; namespace Org.BouncyCastle.X509 { @@ -27,8 +27,8 @@ namespace Org.BouncyCastle.X509 // , PKCS12BagAttributeCarrier { private readonly X509CertificateStructure c; -// private Hashtable pkcs12Attributes = new Hashtable(); -// private ArrayList pkcs12Ordering = new ArrayList(); + //private Hashtable pkcs12Attributes = Platform.CreateHashtable(); + //private ArrayList pkcs12Ordering = Platform.CreateArrayList(); private readonly BasicConstraints basicConstraints; private readonly bool[] keyUsage; diff --git a/crypto/test/UnitTests.csproj b/crypto/test/UnitTests.csproj index d36877026..11b20066e 100644 --- a/crypto/test/UnitTests.csproj +++ b/crypto/test/UnitTests.csproj @@ -124,6 +124,7 @@ <Compile Include="src\asn1\test\X509ExtensionsTest.cs" /> <Compile Include="src\asn1\test\X509NameTest.cs" /> <Compile Include="src\asn1\test\X9Test.cs" /> + <Compile Include="src\cmp\test\ProtectedMessageTest.cs" /> <Compile Include="src\cms\test\AllTests.cs" /> <Compile Include="src\cms\test\AuthenticatedDataStreamTest.cs" /> <Compile Include="src\cms\test\AuthenticatedDataTest.cs" /> @@ -192,7 +193,6 @@ <Compile Include="src\crypto\test\ECTest.cs" /> <Compile Include="src\crypto\test\Ed25519Test.cs" /> <Compile Include="src\crypto\test\Ed448Test.cs" /> - <Compile Include="src\crypto\test\EGOST3410_2012SignatureTest.cs" /> <Compile Include="src\crypto\test\ElGamalTest.cs" /> <Compile Include="src\crypto\test\EqualsHashCodeTest.cs" /> <Compile Include="src\crypto\test\GCMTest.cs" /> @@ -389,7 +389,6 @@ <Compile Include="src\pkcs\test\EncryptedPrivateKeyInfoTest.cs" /> <Compile Include="src\pkcs\test\PKCS10Test.cs" /> <Compile Include="src\pkcs\test\PKCS12StoreTest.cs" /> - <Compile Include="src\ProtectedMessageTest.cs" /> <Compile Include="src\security\test\SecureRandomTest.cs" /> <Compile Include="src\security\test\TestDigestUtil.cs" /> <Compile Include="src\security\test\TestDotNetUtil.cs" /> @@ -1321,7 +1320,4 @@ <ItemGroup> <Service Include="{82A7F48D-3B50-4B1E-B82E-3ADA8210C358}" /> </ItemGroup> - <ItemGroup> - <Folder Include="src\NewFolder1\" /> - </ItemGroup> -</Project> \ No newline at end of file +</Project> diff --git a/crypto/test/src/cmp/test/ProtectedMessageTest.cs b/crypto/test/src/cmp/test/ProtectedMessageTest.cs index 24f2fe572..70bf670da 100644 --- a/crypto/test/src/cmp/test/ProtectedMessageTest.cs +++ b/crypto/test/src/cmp/test/ProtectedMessageTest.cs @@ -2,6 +2,7 @@ using System.Collections; using NUnit.Framework; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cmp; using Org.BouncyCastle.Asn1.Crmf; @@ -25,7 +26,7 @@ namespace Org.BouncyCastle.Cmp.Tests { public override string Name { - get { return "ProtectedMessageTest"; } + get { return "ProtectedMessage"; } } public override void PerformTest() @@ -35,35 +36,35 @@ namespace Org.BouncyCastle.Cmp.Tests TestMacProtectedMessage(); TestProtectedMessage(); TestConfirmationMessage(); - TestSampleCr(); + TestSampleCr(); } -// [Test] -// public void TestServerSideKey() -// { -// RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator(); -// rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100)); -// AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); -// -// TestCertBuilder builder = new TestCertBuilder() -// { -// Issuer = new X509Name("CN=Test"), -// Subject = new X509Name("CN=Test"), -// NotBefore = DateTime.UtcNow.AddDays(-1), -// NotAfter = DateTime.UtcNow.AddDays(1), -// PublicKey = rsaKeyPair.Public, -// SignatureAlgorithm = "MD5WithRSAEncryption" -// }; -// -// builder.AddAttribute(X509Name.C, "Foo"); -// X509Certificate cert = builder.Build(rsaKeyPair.Private); -// -// GeneralName sender = new GeneralName(new X509Name("CN=Sender")); -// GeneralName recipient = new GeneralName(new X509Name("CN=Recip")); -// -// -// -// } + // [Test] + // public void TestServerSideKey() + // { + // RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator(); + // rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100)); + // AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); + // + // TestCertBuilder builder = new TestCertBuilder() + // { + // Issuer = new X509Name("CN=Test"), + // Subject = new X509Name("CN=Test"), + // NotBefore = DateTime.UtcNow.AddDays(-1), + // NotAfter = DateTime.UtcNow.AddDays(1), + // PublicKey = rsaKeyPair.Public, + // SignatureAlgorithm = "MD5WithRSAEncryption" + // }; + // + // builder.AddAttribute(X509Name.C, "Foo"); + // X509Certificate cert = builder.Build(rsaKeyPair.Private); + // + // GeneralName sender = new GeneralName(new X509Name("CN=Sender")); + // GeneralName recipient = new GeneralName(new X509Name("CN=Recip")); + // + // + // + // } [Test] public void TestNotBeforeNotAfter() @@ -72,12 +73,11 @@ namespace Org.BouncyCastle.Cmp.Tests rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100)); AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); - doNotBeforeNotAfterTest(rsaKeyPair, new DateTime(1,1,1,0,0,1), new DateTime(1,1,1,0,0,10)); + doNotBeforeNotAfterTest(rsaKeyPair, new DateTime(1, 1, 1, 0, 0, 1), new DateTime(1, 1, 1, 0, 0, 10)); doNotBeforeNotAfterTest(rsaKeyPair, DateTime.MinValue, new DateTime(1, 1, 1, 0, 0, 10)); doNotBeforeNotAfterTest(rsaKeyPair, new DateTime(1, 1, 1, 0, 0, 1), DateTime.MinValue); } - private void doNotBeforeNotAfterTest(AsymmetricCipherKeyPair kp, DateTime notBefore, DateTime notAfter) { CertificateRequestMessageBuilder builder = new CertificateRequestMessageBuilder(BigInteger.One) @@ -89,11 +89,11 @@ namespace Org.BouncyCastle.Cmp.Tests if (!notBefore.Equals(DateTime.MinValue)) { - IsTrue("NotBefore did not match",(notBefore.Equals(msg.GetCertTemplate().Validity.NotBefore.ToDateTime()))); + IsTrue("NotBefore did not match", (notBefore.Equals(msg.GetCertTemplate().Validity.NotBefore.ToDateTime()))); } else { - IsTrue("Expected NotBefore to empty.",DateTime.MinValue == msg.GetCertTemplate().Validity.NotBefore.ToDateTime()); + IsTrue("Expected NotBefore to empty.", DateTime.MinValue == msg.GetCertTemplate().Validity.NotBefore.ToDateTime()); } if (!notAfter.Equals(DateTime.MinValue)) @@ -104,10 +104,8 @@ namespace Org.BouncyCastle.Cmp.Tests { IsTrue("Expected NotAfter to be empty.", DateTime.MinValue == msg.GetCertTemplate().Validity.NotAfter.ToDateTime()); } - } - [Test] public void TestSubsequentMessage() { @@ -115,17 +113,13 @@ namespace Org.BouncyCastle.Cmp.Tests rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100)); AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); - TestCertBuilder builder = new TestCertBuilder() - { - NotBefore = DateTime.UtcNow.AddDays(-1), - NotAfter = DateTime.UtcNow.AddDays(1), - PublicKey = rsaKeyPair.Public, - SignatureAlgorithm = "Sha1WithRSAEncryption" - - }; + TestCertBuilder builder = new TestCertBuilder(); + builder.NotBefore = DateTime.UtcNow.AddDays(-1); + builder.NotAfter = DateTime.UtcNow.AddDays(1); + builder.PublicKey = rsaKeyPair.Public; + builder.SignatureAlgorithm = "Sha1WithRSAEncryption"; X509Certificate cert = builder.Build(rsaKeyPair.Private); - GeneralName user = new GeneralName(new X509Name("CN=Test")); CertificateRequestMessageBuilder crmBuiler = new CertificateRequestMessageBuilder(BigInteger.One) @@ -134,21 +128,18 @@ namespace Org.BouncyCastle.Cmp.Tests ISignatureFactory sigFact = new Asn1SignatureFactory("SHA256WithRSA", rsaKeyPair.Private); - ProtectedPkiMessage certRequestMsg = new ProtectedPkiMessageBuilder(user,user) - .SetTransactionId(new byte[]{1,2,3,4,5}) - .SetBody(new PkiBody(PkiBody.TYPE_KEY_RECOVERY_REQ, new CertReqMessages(new CertReqMsg[]{crmBuiler.Build().ToAsn1Structure()}))) - .AddCmpCertificate(cert) + ProtectedPkiMessage certRequestMsg = new ProtectedPkiMessageBuilder(user, user) + .SetTransactionId(new byte[] { 1, 2, 3, 4, 5 }) + .SetBody(new PkiBody(PkiBody.TYPE_KEY_RECOVERY_REQ, new CertReqMessages(new CertReqMsg[] { crmBuiler.Build().ToAsn1Structure() }))) + .AddCmpCertificate(cert) .Build(sigFact); - ProtectedPkiMessage msg = new ProtectedPkiMessage(new GeneralPKIMessage(certRequestMsg.ToAsn1Message().GetDerEncoded())); + ProtectedPkiMessage msg = new ProtectedPkiMessage(new GeneralPkiMessage(certRequestMsg.ToAsn1Message().GetDerEncoded())); CertReqMessages reqMsgs = CertReqMessages.GetInstance(msg.Body.Content); CertReqMsg reqMsg = reqMsgs.ToCertReqMsgArray()[0]; IsEquals(ProofOfPossession.TYPE_KEY_ENCIPHERMENT, reqMsg.Popo.Type); - } - - [Test] public void TestSampleCr() { @@ -162,15 +153,11 @@ namespace Org.BouncyCastle.Cmp.Tests "Ep9wvv+3+td5MEO+qMuWWxF8OZBlYIFBZ/k+pGlU+4XlBP5Ai6pu/EI/0A+1/bcGs0sQIDAQABMBQwEgYJKwY" + "BBQUHBQEBDAVEVU1NWaACBQCgFwMVAO73HUPF//mY5+E714Cv5oprt0kO\r\n"); - ProtectedPkiMessage msg = new ProtectedPkiMessage(new GeneralPKIMessage(raw)); + ProtectedPkiMessage msg = new ProtectedPkiMessage(new GeneralPkiMessage(raw)); - - IsTrue(msg.Verify(new PKMacBuilder(), "TopSecret1234".ToCharArray())); - } - [Test] public void TestConfirmationMessage() { @@ -178,14 +165,11 @@ namespace Org.BouncyCastle.Cmp.Tests rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100)); AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); - TestCertBuilder builder = new TestCertBuilder() - { - NotBefore = DateTime.UtcNow.AddDays(-1), - NotAfter = DateTime.UtcNow.AddDays(1), - PublicKey = rsaKeyPair.Public, - SignatureAlgorithm = "Sha1WithRSAEncryption" - - }; + TestCertBuilder builder = new TestCertBuilder(); + builder.NotBefore = DateTime.UtcNow.AddDays(-1); + builder.NotAfter = DateTime.UtcNow.AddDays(1); + builder.PublicKey = rsaKeyPair.Public; + builder.SignatureAlgorithm = "Sha1WithRSAEncryption"; builder.AddAttribute(X509Name.C, "Foo"); X509Certificate cert = builder.Build(rsaKeyPair.Private); @@ -198,7 +182,7 @@ namespace Org.BouncyCastle.Cmp.Tests .Build(); ProtectedPkiMessageBuilder msgBuilder = new ProtectedPkiMessageBuilder(sender, recipient); - msgBuilder.SetBody(new PkiBody(PkiBody.TYPE_CERT_CONFIRM, content.ToAsn1Structure())); + msgBuilder.SetBody(new PkiBody(PkiBody.TYPE_CERT_CONFIRM, content.ToAsn1Structure())); msgBuilder.AddCmpCertificate(cert); ISignatureFactory sigFact = new Asn1SignatureFactory("MD5WithRSA", rsaKeyPair.Private); @@ -208,51 +192,46 @@ namespace Org.BouncyCastle.Cmp.Tests IsTrue("PKIMessage must verify (MD5withRSA)", msg.Verify(verifierFactory)); - IsEquals(sender,msg.Header.Sender); - IsEquals(recipient,msg.Header.Recipient); + IsEquals(sender, msg.Header.Sender); + IsEquals(recipient, msg.Header.Recipient); content = new CertificateConfirmationContent(CertConfirmContent.GetInstance(msg.Body.Content), new DefaultDigestAlgorithmIdentifierFinder()); CertificateStatus[] statusList = content.GetStatusMessages(); - IsEquals(1,statusList.Length); + IsEquals(1, statusList.Length); IsTrue(statusList[0].IsVerified(cert)); } - - [Test] - public void TestProtectedMessage() + public void TestProtectedMessage() { - RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator(); - rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537),new SecureRandom(),2048,100)); - AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); + RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator(); + rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100)); + AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); - TestCertBuilder builder = new TestCertBuilder() - { - NotBefore = DateTime.UtcNow.AddDays(-1), - NotAfter = DateTime.UtcNow.AddDays(1), - PublicKey = rsaKeyPair.Public, - SignatureAlgorithm = "Sha1WithRSAEncryption" - - }; + TestCertBuilder builder = new TestCertBuilder(); + builder.NotBefore = DateTime.UtcNow.AddDays(-1); + builder.NotAfter = DateTime.UtcNow.AddDays(1); + builder.PublicKey = rsaKeyPair.Public; + builder.SignatureAlgorithm = "Sha1WithRSAEncryption"; builder.AddAttribute(X509Name.C, "Foo"); X509Certificate cert = builder.Build(rsaKeyPair.Private); GeneralName sender = new GeneralName(new X509Name("CN=Sender")); GeneralName recipient = new GeneralName(new X509Name("CN=Recip")); - - ProtectedPkiMessageBuilder msgBuilder = new ProtectedPkiMessageBuilder(sender,recipient); + + ProtectedPkiMessageBuilder msgBuilder = new ProtectedPkiMessageBuilder(sender, recipient); msgBuilder.AddCmpCertificate(cert); - - ISignatureFactory sigFact = new Asn1SignatureFactory("MD5WithRSA",rsaKeyPair.Private); - ProtectedPkiMessage msg = msgBuilder.Build(sigFact); + ISignatureFactory sigFact = new Asn1SignatureFactory("MD5WithRSA", rsaKeyPair.Private); + + ProtectedPkiMessage msg = msgBuilder.Build(sigFact); X509Certificate certificate = msg.GetCertificates()[0]; IVerifierFactory verifierFactory = new Asn1VerifierFactory("MD5WithRSA", rsaKeyPair.Public); - IsTrue("PKIMessage must verify (MD5withRSA)",msg.Verify(verifierFactory)); + IsTrue("PKIMessage must verify (MD5withRSA)", msg.Verify(verifierFactory)); } [Test] @@ -263,14 +242,11 @@ namespace Org.BouncyCastle.Cmp.Tests 100)); AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); - TestCertBuilder builder = new TestCertBuilder() - { - NotBefore = DateTime.UtcNow.AddDays(-1), - NotAfter = DateTime.UtcNow.AddDays(1), - PublicKey = rsaKeyPair.Public, - SignatureAlgorithm = "Sha1WithRSAEncryption" - - }; + TestCertBuilder builder = new TestCertBuilder(); + builder.NotBefore = DateTime.UtcNow.AddDays(-1); + builder.NotAfter = DateTime.UtcNow.AddDays(1); + builder.PublicKey = rsaKeyPair.Public; + builder.SignatureAlgorithm = "Sha1WithRSAEncryption"; builder.AddAttribute(X509Name.C, "Foo"); X509Certificate cert = builder.Build(rsaKeyPair.Private); @@ -291,79 +267,102 @@ namespace Org.BouncyCastle.Cmp.Tests IsTrue(msg.Verify(macFactory, "testpass".ToCharArray())); } - - - [Test] public void TestVerifyBCJavaGeneratedMessage() { - // - // Test with content generated by BC-JAVA version. - // + // + // Test with content generated by BC-JAVA version. + // - ICipherParameters publicKey = PublicKeyFactory.CreateKey(Hex.Decode( - "305c300d06092a864886f70d0101010500034b003048024100ac1e59ba5f96" + - "ba86c86e6d8bbfd43ece04265fa29e6ebdb320388b58af365d05b26970cbd2" + - "6e5b0fa7df2074b90b42a1d16ab270cdb851b53e464b87f683774502030100" + - "01")); - ICipherParameters privateKey = PrivateKeyFactory.CreateKey(Hex.Decode( - "30820155020100300d06092a864886f70d01010105000482013f3082013b02" + - "0100024100ac1e59ba5f96ba86c86e6d8bbfd43ece04265fa29e6ebdb32038" + - "8b58af365d05b26970cbd26e5b0fa7df2074b90b42a1d16ab270cdb851b53e" + - "464b87f68377450203010001024046f3f208570c735349bfe00fdaa1fbcc00" + - "c0f2eebe42279876a168ac43fa74a8cdf9a1bb49066c07cfcfa7196f69f2b9" + - "419d378109db967891428c50273dcc37022100d488dc3fb86f404d726a8166" + - "b2a9aba9bee12fdbf38470a62403a2a20bad0977022100cf51874e479b141f" + - "9915533bf54d68f1940f84d7fe6130538ff01a23e3493423022100986f94f1" + - "0afa9837341219bfabf32fd16ebb9a94fa630a5ccf45e036b383275f02201b" + - "6dff07f563684b31f6e757548254733a12bf91d05f4d8490d3c4b1a0ddcb9f" + - "02210087c3b2049e9a3edfc4cb40a3a275dabf7ffff80b467157e384603042" + - "3fe91d68")); - - byte[] ind = Hex.Decode( - "308201ac306e020102a4133011310f300d06035504030c0653656e646572a4" + - "123010310e300c06035504030c055265636970a140303e06092a864886f67d" + - "07420d30310414fdccb4ffd7848e6a697bee36cbe0f3722ed7fe2f30070605" + - "2b0e03021a020203e8300c06082b060105050801020500a10430023000a017" + - "031500c131c357441daa78eb538bfd9c24870e220fdafaa182011930820115" + - "308201113081bca003020102020601684a515d5b300d06092a864886f70d01" + - "01050500300f310d300b06035504030c0454657374301e170d313930313134" + - "3033303433325a170d3139303432343033303433325a300f310d300b060355" + - "04030c0454657374305c300d06092a864886f70d0101010500034b00304802" + - "4100ac1e59ba5f96ba86c86e6d8bbfd43ece04265fa29e6ebdb320388b58af" + - "365d05b26970cbd26e5b0fa7df2074b90b42a1d16ab270cdb851b53e464b87" + - "f68377450203010001300d06092a864886f70d0101050500034100264b5b76" + - "f268e2a992f05ad83783b091ce806a6726912c6200d06b33375ae58fe3c474" + - "c3a42ad6e572a2c48ae3bf914a7510bb995c3474829cfe71ab679a3db0"); - - - ProtectedPkiMessage pkiMsg = new ProtectedPkiMessage(PkiMessage.GetInstance(ind)); - - PbmParameter pbmParameters = PbmParameter.GetInstance(pkiMsg.Header.ProtectionAlg.Parameters); - - IsTrue(pkiMsg.Verify(new PKMacBuilder().SetParameters(pbmParameters), "secret".ToCharArray())); + ICipherParameters publicKey = PublicKeyFactory.CreateKey(Hex.Decode( + "305c300d06092a864886f70d0101010500034b003048024100ac1e59ba5f96" + + "ba86c86e6d8bbfd43ece04265fa29e6ebdb320388b58af365d05b26970cbd2" + + "6e5b0fa7df2074b90b42a1d16ab270cdb851b53e464b87f683774502030100" + + "01")); + ICipherParameters privateKey = PrivateKeyFactory.CreateKey(Hex.Decode( + "30820155020100300d06092a864886f70d01010105000482013f3082013b02" + + "0100024100ac1e59ba5f96ba86c86e6d8bbfd43ece04265fa29e6ebdb32038" + + "8b58af365d05b26970cbd26e5b0fa7df2074b90b42a1d16ab270cdb851b53e" + + "464b87f68377450203010001024046f3f208570c735349bfe00fdaa1fbcc00" + + "c0f2eebe42279876a168ac43fa74a8cdf9a1bb49066c07cfcfa7196f69f2b9" + + "419d378109db967891428c50273dcc37022100d488dc3fb86f404d726a8166" + + "b2a9aba9bee12fdbf38470a62403a2a20bad0977022100cf51874e479b141f" + + "9915533bf54d68f1940f84d7fe6130538ff01a23e3493423022100986f94f1" + + "0afa9837341219bfabf32fd16ebb9a94fa630a5ccf45e036b383275f02201b" + + "6dff07f563684b31f6e757548254733a12bf91d05f4d8490d3c4b1a0ddcb9f" + + "02210087c3b2049e9a3edfc4cb40a3a275dabf7ffff80b467157e384603042" + + "3fe91d68")); + + byte[] ind = Hex.Decode( + "308201ac306e020102a4133011310f300d06035504030c0653656e646572a4" + + "123010310e300c06035504030c055265636970a140303e06092a864886f67d" + + "07420d30310414fdccb4ffd7848e6a697bee36cbe0f3722ed7fe2f30070605" + + "2b0e03021a020203e8300c06082b060105050801020500a10430023000a017" + + "031500c131c357441daa78eb538bfd9c24870e220fdafaa182011930820115" + + "308201113081bca003020102020601684a515d5b300d06092a864886f70d01" + + "01050500300f310d300b06035504030c0454657374301e170d313930313134" + + "3033303433325a170d3139303432343033303433325a300f310d300b060355" + + "04030c0454657374305c300d06092a864886f70d0101010500034b00304802" + + "4100ac1e59ba5f96ba86c86e6d8bbfd43ece04265fa29e6ebdb320388b58af" + + "365d05b26970cbd26e5b0fa7df2074b90b42a1d16ab270cdb851b53e464b87" + + "f68377450203010001300d06092a864886f70d0101050500034100264b5b76" + + "f268e2a992f05ad83783b091ce806a6726912c6200d06b33375ae58fe3c474" + + "c3a42ad6e572a2c48ae3bf914a7510bb995c3474829cfe71ab679a3db0"); + + ProtectedPkiMessage pkiMsg = new ProtectedPkiMessage(PkiMessage.GetInstance(ind)); + + PbmParameter pbmParameters = PbmParameter.GetInstance(pkiMsg.Header.ProtectionAlg.Parameters); + + IsTrue(pkiMsg.Verify(new PKMacBuilder().SetParameters(pbmParameters), "secret".ToCharArray())); + } } - - -} - public class TestCertBuilder { IDictionary attrs = new Hashtable(); IList ord = new ArrayList(); IList values = new ArrayList(); - public DateTime NotBefore { get; set; } + private DateTime notBefore, notAfter; + private AsymmetricKeyParameter publicKey; + private string signatureAlgorithm; + private X509Name issuer, subject; - public DateTime NotAfter { get; set; } + public DateTime NotBefore + { + get { return notBefore; } + set { this.notBefore = value; } + } - public AsymmetricKeyParameter PublicKey { get; set; } + public DateTime NotAfter + { + get { return notAfter; } + set { this.notAfter = value; } + } - public String SignatureAlgorithm { get; set; } + public AsymmetricKeyParameter PublicKey + { + get { return publicKey; } + set { this.publicKey = value; } + } - public X509Name Issuer { get; set; } - public X509Name Subject { get; set; } + public string SignatureAlgorithm + { + get { return signatureAlgorithm; } + set { this.signatureAlgorithm = value; } + } + + public X509Name Issuer + { + get { return issuer; } + set { this.issuer = value; } + } + + public X509Name Subject + { + get { return subject; } + set { this.subject = value; } + } public TestCertBuilder AddAttribute(DerObjectIdentifier name, Object value) { @@ -388,7 +387,6 @@ namespace Org.BouncyCastle.Cmp.Tests certGen.SetIssuerDN(new X509Name(ord, attrs)); } - certGen.SetNotBefore(NotBefore); certGen.SetNotAfter(NotAfter); @@ -401,7 +399,6 @@ namespace Org.BouncyCastle.Cmp.Tests certGen.SetSubjectDN(new X509Name(ord, attrs)); } - certGen.SetPublicKey(PublicKey); certGen.SetSignatureAlgorithm(SignatureAlgorithm); diff --git a/crypto/test/src/crmf/test/CrmfTest.cs b/crypto/test/src/crmf/test/CrmfTest.cs index b1f18cc7b..8211fe1c4 100644 --- a/crypto/test/src/crmf/test/CrmfTest.cs +++ b/crypto/test/src/crmf/test/CrmfTest.cs @@ -1,7 +1,8 @@ using System; using System.Collections; -using NUnit.Core; + using NUnit.Framework; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cms; using Org.BouncyCastle.Asn1.Crmf; @@ -15,23 +16,23 @@ using Org.BouncyCastle.Crypto.Generators; using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; +using Org.BouncyCastle.Operators; using Org.BouncyCastle.Pkcs; using Org.BouncyCastle.Security; using Org.BouncyCastle.Utilities; using Org.BouncyCastle.Utilities.Encoders; using Org.BouncyCastle.Utilities.Test; using Org.BouncyCastle.X509; -using Org.BouncyCastle.Operators; namespace Org.BouncyCastle.Crmf.Tests { [TestFixture] public class CrmfTest : SimpleTest { - - - public override string Name => "CRMF Tests"; - + public override string Name + { + get { return "CRMF"; } + } public override void PerformTest() { @@ -44,14 +45,14 @@ namespace Org.BouncyCastle.Crmf.Tests [Test] public void TestFromJVM() { - var pubKey = PublicKeyFactory.CreateKey(Hex.Decode( + AsymmetricKeyParameter pubKey = PublicKeyFactory.CreateKey(Hex.Decode( "305c300d06092a864886f70d0101010500034b003048024100bbb3f6a5031fbb1feedbfed7584a4f6321ccdc16b9526b0f6e31859328db35a6ec420a98e14fb3bcf192004b1aa6fc9269410204785cc01317232feb545a7b410203010001")); - var privKey = PrivateKeyFactory.CreateKey(Hex.Decode("30820153020100300d06092a864886f70d01010105000482013d30820139020100024100bbb3f6a5031fbb1feedbfed7584a4f6321ccdc16b9526b0f6e31859328db35a6ec420a98e14fb3bcf192004b1aa6fc9269410204785cc01317232feb545a7b41020301000102400093b384b9021c4cd59888e956cb1e653e736833235315b0e938116da19a9276b1ea1fe33da580a497313f08eb3e7c14627508a4284be04ea3e6ba8cb4b0a5c9022100e2fe0d9f35bfd7ecf196227e5e915a2464478ea7033c6dff4ce6a02961759a49022100d3b093770745dfea42c5c5c31f1a6b797a60dfb5503ae60f70b864452c4a193902203cc761c65b91feb3070cf8377602dd6c191dbfe8a04931fac6108a9a09ea7f61022071bb2a5f06af49cfc8340d3df995ee2c03cdcc22d389f15456511abdf73f9031022065bc10d43192cb3131c53be18a0d41a060d4e0a3324a47e3eb4bf720e1b46b10")); + AsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(Hex.Decode("30820153020100300d06092a864886f70d01010105000482013d30820139020100024100bbb3f6a5031fbb1feedbfed7584a4f6321ccdc16b9526b0f6e31859328db35a6ec420a98e14fb3bcf192004b1aa6fc9269410204785cc01317232feb545a7b41020301000102400093b384b9021c4cd59888e956cb1e653e736833235315b0e938116da19a9276b1ea1fe33da580a497313f08eb3e7c14627508a4284be04ea3e6ba8cb4b0a5c9022100e2fe0d9f35bfd7ecf196227e5e915a2464478ea7033c6dff4ce6a02961759a49022100d3b093770745dfea42c5c5c31f1a6b797a60dfb5503ae60f70b864452c4a193902203cc761c65b91feb3070cf8377602dd6c191dbfe8a04931fac6108a9a09ea7f61022071bb2a5f06af49cfc8340d3df995ee2c03cdcc22d389f15456511abdf73f9031022065bc10d43192cb3131c53be18a0d41a060d4e0a3324a47e3eb4bf720e1b46b10")); - var rawMsg = Hex.Decode("3081cc30760201013071a511300f310d300b0603550403130454657374a65c300d06092a864886f70d0101010500034b003048024100bbb3f6a5031fbb1feedbfed7584a4f6321ccdc16b9526b0f6e31859328db35a6ec420a98e14fb3bcf192004b1aa6fc9269410204785cc01317232feb545a7b410203010001a152300d06092a864886f70d01010505000341003120cdb58edfef4a2e1a4bfe96b972007c1d1c949221d266efe28b45ba036b9d534f5dca261dce8f21e134d97e55c3bd76d1460781fd9703f8f9907d1f036c20"); + byte[] rawMsg = Hex.Decode("3081cc30760201013071a511300f310d300b0603550403130454657374a65c300d06092a864886f70d0101010500034b003048024100bbb3f6a5031fbb1feedbfed7584a4f6321ccdc16b9526b0f6e31859328db35a6ec420a98e14fb3bcf192004b1aa6fc9269410204785cc01317232feb545a7b410203010001a152300d06092a864886f70d01010505000341003120cdb58edfef4a2e1a4bfe96b972007c1d1c949221d266efe28b45ba036b9d534f5dca261dce8f21e134d97e55c3bd76d1460781fd9703f8f9907d1f036c20"); - var msg = new CertificateRequestMessage(rawMsg); - IsTrue("Pop Valid",msg.IsValidSigningKeyPop(new Asn1VerifierFactoryProvider(pubKey))); + CertificateRequestMessage msg = new CertificateRequestMessage(rawMsg); + IsTrue("Pop Valid", msg.IsValidSigningKeyPop(new Asn1VerifierFactoryProvider(pubKey))); // // Vandalize message to check for failure. @@ -59,28 +60,25 @@ namespace Org.BouncyCastle.Crmf.Tests rawMsg[7] ^= 1; msg = new CertificateRequestMessage(rawMsg); - - IsTrue("Pop Verified Vandalized Message!", !msg.IsValidSigningKeyPop(new Asn1VerifierFactoryProvider(pubKey))); + IsTrue("Pop Verified Vandalized Message!", !msg.IsValidSigningKeyPop(new Asn1VerifierFactoryProvider(pubKey))); } - - [Test] public void TestBasicMessage() { - var rsaKeyPairGenerator = new RsaKeyPairGenerator(); + RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator(); rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100)); - var rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); + AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); + + CertificateRequestMessageBuilder certReqBuild = new CertificateRequestMessageBuilder(BigInteger.One); - var certReqBuild = new CertificateRequestMessageBuilder(BigInteger.One); - certReqBuild.SetSubject(new X509Name("CN=Test")) .SetPublicKey(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(rsaKeyPair.Public)) .SetProofOfPossessionSignKeySigner(new Asn1SignatureFactory("SHA1WithRSA", rsaKeyPair.Private)); - var certificateRequestMessage = certReqBuild.Build(); - + CertificateRequestMessage certificateRequestMessage = certReqBuild.Build(); + IsTrue("Signing Key Pop Valid",certificateRequestMessage.IsValidSigningKeyPop(new Asn1VerifierFactoryProvider(rsaKeyPair.Public))); IsTrue(certificateRequestMessage.GetCertTemplate().Subject.Equivalent(new X509Name("CN=Test"))); IsTrue(certificateRequestMessage.GetCertTemplate().PublicKey.Equals(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(rsaKeyPair.Public))); @@ -89,27 +87,24 @@ namespace Org.BouncyCastle.Crmf.Tests [Test] public void TestBasicMessageWithArchiveControl() { - var rsaKeyPairGenerator = new RsaKeyPairGenerator(); + RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator(); rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100)); - var rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); - - var tcb = new TestCertBuilder() - { - PublicKey = rsaKeyPair.Public, - Subject = new X509Name("CN=Test"), - Issuer = new X509Name("CN=Test"), - NotBefore = DateTime.UtcNow.AddDays(-1), - NotAfter = DateTime.UtcNow.AddDays(1), - SignatureAlgorithm = "Sha1WithRSAEncryption" - }; + AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); - var cert = tcb.Build(rsaKeyPair.Private); + TestCertBuilder tcb = new TestCertBuilder(); + tcb.PublicKey = rsaKeyPair.Public; + tcb.Subject = new X509Name("CN=Test"); + tcb.Issuer = new X509Name("CN=Test"); + tcb.NotBefore = DateTime.UtcNow.AddDays(-1); + tcb.NotAfter = DateTime.UtcNow.AddDays(1); + tcb.SignatureAlgorithm = "Sha1WithRSAEncryption"; - var publicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(rsaKeyPair.Public); - var privateInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(rsaKeyPair.Private); + X509Certificate cert = tcb.Build(rsaKeyPair.Private); + SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(rsaKeyPair.Public); + PrivateKeyInfo privateInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(rsaKeyPair.Private); - var certificateRequestMessageBuilder = new CertificateRequestMessageBuilder(BigInteger.One); + CertificateRequestMessageBuilder certificateRequestMessageBuilder = new CertificateRequestMessageBuilder(BigInteger.One); certificateRequestMessageBuilder.SetSubject(new X509Name("CN=Test")); certificateRequestMessageBuilder.SetPublicKey(publicKeyInfo); @@ -119,14 +114,13 @@ namespace Org.BouncyCastle.Crmf.Tests .Build(new CmsContentEncryptorBuilder(NistObjectIdentifiers.IdAes128Cbc).Build()) ); - var msg = certificateRequestMessageBuilder.Build(); + CertificateRequestMessage msg = certificateRequestMessageBuilder.Build(); IsTrue(Arrays.AreEqual(msg.GetCertTemplate().Subject.GetEncoded(), new X509Name("CN=Test").GetEncoded())); IsTrue(Arrays.AreEqual(msg.GetCertTemplate().PublicKey.GetEncoded(),publicKeyInfo.GetEncoded())); - checkCertReqMsgWithArchiveControl(rsaKeyPair,msg); - checkCertReqMsgWithArchiveControl(rsaKeyPair, new CertificateRequestMessage(msg.GetEncoded())); - + CheckCertReqMsgWithArchiveControl(rsaKeyPair,msg); + CheckCertReqMsgWithArchiveControl(rsaKeyPair, new CertificateRequestMessage(msg.GetEncoded())); } [Test] @@ -136,31 +130,27 @@ namespace Org.BouncyCastle.Crmf.Tests Hex.Decode("305c300d06092a864886f70d0101010500034b003048024100a9a94b7b98dc3daf8cac032a14bd4510832b0e007edbdafc065e328645a35828b8185cdbf73ed495c88436b11a9322965595d2e4c1dd63c3c4d41812f876b3070203010001")); AsymmetricKeyParameter privateKey = PrivateKeyFactory.CreateKey( Hex.Decode("30820154020100300d06092a864886f70d01010105000482013e3082013a020100024100a9a94b7b98dc3daf8cac032a14bd4510832b0e007edbdafc065e328645a35828b8185cdbf73ed495c88436b11a9322965595d2e4c1dd63c3c4d41812f876b307020301000102400831deacfe21a9331902d7f648e1297c563196b00c70971fb439098cb5c1618925bdbac4c66b30f8956660220f326f51e5a1725ce690165154fb62fa14497265022100e54943be1b4951e127f6e79c5ab333cba4b0fff0b5e59328d6393ba98dc0e6c3022100bd6da58ce195146a1d3825ec2a622cf4962da653096bea87fbd9a94db266a66d0221008948bcceeef78f97089ec53ed0efcb6b7b489f7638f32491a6f2cdce4f99d89102204eb1b066d8883054ed12985e863506ec0d3fa5ab356cc99ff876b228ff0639f9022024049aaf39bf9a0ddfbd4caee277d0a9f07d075faae12571176a5c0ca40415c0")); - + CertificateRequestMessage msg = new CertificateRequestMessage( Hex.Decode("308202af308202ab0201013071a511300f310d300b0603550403130454657374a65c300d06092a864886f70d0101010500034b003048024100a9a94b7b98dc3daf8cac032a14bd4510832b0e007edbdafc065e328645a35828b8185cdbf73ed495c88436b11a9322965595d2e4c1dd63c3c4d41812f876b3070203010001308202313082022d06092b0601050507050104a082021ea082021a0201003171306f0201003019300f310d300b06035504030c04546573740206016859de5806300d06092a864886f70d0101010500044066f1a72f808908af784b83c07895276104d7c4caaee6090212ce5b27517aec510425b784352b5342c999f844b8796286f10a59807e290f06aa39f8cba86dd6bf308201a0060b2a864886f70d0109100115301d060960864801650304010204104aceaa277cc7974ea2a775ff9db6062580820170c648e70c25c4789d2ff4ed398e5536efb45d2dd8ba76a628ad30bf9596a18337afc0f596f0c18e05fb3fa9944ed9691dae1d9b327b5bbafaaa63efb0e22d675811c27bfb023b80184325fd4b67b3b9e41bf43c5583a86433b230e09a34b61397ddff0eadf10c883fc1f01860e2a56ab4002dcc4d4925c53e09dde0b99928fdf602bce544722155cebd8816e91a411a99feea07695774cd8883034022d57f64e9cd3383c3125c48db2936b7395a22b17910be1f2c0b8650bdb5bd752ffc40fcd30169e5ae3a4ac7ad9cc850e9c17bbcf8e1a1898d0d8be19145c484467b8f1124657a5e08c10fc67416274990cc16d55c9fb76c265dd436b7e803425892297f1a08e4fab8e178874b2b3bf9c749693d609db208e9a3ebbddd26cd6a1b33c0201532170dc6c303e7ac0c42ba0bc54dfb928b228842b6bb08d8dc411d262dabf140a8b5a5c67ea486c1877a2fc000981d54cf2decaf1cfeebcf83134992b09a2b1fe9e02da25b874604b5d8bbd609875ba8")); AsymmetricCipherKeyPair rsaKeyPair = new AsymmetricCipherKeyPair(publicKey,privateKey); - SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey); - - Console.WriteLine(msg.GetCertTemplate().Subject.Equivalent(new X509Name("CN=Test"))); - IsTrue(msg.GetCertTemplate().Subject.Equivalent(new X509Name("CN=Test"))); IsTrue(Arrays.AreEqual(msg.GetCertTemplate().PublicKey.GetEncoded(), publicKeyInfo.GetEncoded())); - checkCertReqMsgWithArchiveControl(rsaKeyPair, msg); - checkCertReqMsgWithArchiveControl(rsaKeyPair, new CertificateRequestMessage(msg.GetEncoded())); + CheckCertReqMsgWithArchiveControl(rsaKeyPair, msg); + CheckCertReqMsgWithArchiveControl(rsaKeyPair, new CertificateRequestMessage(msg.GetEncoded())); - checkCertReqMsgWithArchiveControl(rsaKeyPair,msg); + CheckCertReqMsgWithArchiveControl(rsaKeyPair,msg); } - private void checkCertReqMsgWithArchiveControl(AsymmetricCipherKeyPair kp, CertificateRequestMessage certReqMessage) + private void CheckCertReqMsgWithArchiveControl(AsymmetricCipherKeyPair kp, CertificateRequestMessage certReqMessage) { - var archiveControl = - (PkiArchiveControl) certReqMessage.GetControl(CrmfObjectIdentifiers.id_regCtrl_pkiArchiveOptions); + PkiArchiveControl archiveControl = (PkiArchiveControl)certReqMessage.GetControl( + CrmfObjectIdentifiers.id_regCtrl_pkiArchiveOptions); IsEquals("Archive type", PkiArchiveControl.encryptedPrivKey, archiveControl.ArchiveType); IsTrue(archiveControl.EnvelopedData); @@ -172,7 +162,6 @@ namespace Org.BouncyCastle.Crmf.Tests KeyTransRecipientInformation info = (KeyTransRecipientInformation)collection[0]; EncKeyWithID encKeyWithId = EncKeyWithID.GetInstance(info.GetContent(kp.Private)); - IsTrue(encKeyWithId.HasIdentifier); IsTrue(!encKeyWithId.IsIdentifierUtf8String); // GeneralName at this point. @@ -181,8 +170,6 @@ namespace Org.BouncyCastle.Crmf.Tests PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(kp.Private); IsTrue("Private Key", Arrays.AreEqual(privateKeyInfo.GetEncoded(), encKeyWithId.PrivateKey.GetEncoded())); - } - } -} \ No newline at end of file +} diff --git a/crypto/test/src/crypto/test/ECGOST3410_2012Test.cs b/crypto/test/src/crypto/test/ECGOST3410_2012Test.cs index 8c5997835..7e0a84cbe 100644 --- a/crypto/test/src/crypto/test/ECGOST3410_2012Test.cs +++ b/crypto/test/src/crypto/test/ECGOST3410_2012Test.cs @@ -1,5 +1,7 @@ using System; + using NUnit.Framework; + using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.CryptoPro; using Org.BouncyCastle.Asn1.Pkcs; @@ -17,19 +19,19 @@ using Org.BouncyCastle.X509; namespace Org.BouncyCastle.Crypto.Tests { [TestFixture] - public class ECGOST3410_2012Test:SimpleTest + public class ECGost3410_2012Test + : SimpleTest { public override string Name { - get { return "ECGOST3410-2012-Test"; } + get { return "ECGOST3410-2012"; } } public SimpleTestResult EncodeRecodePublicKey() { - DerObjectIdentifier oid = ECGost3410NamedCurves.GetOid("Tc26-Gost-3410-12-512-paramSetA"); ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGost3410NamedCurves.GetByOid(oid)); - ECGost3410Parameters gostParams = new ECGost3410Parameters(ecp, oid, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512,null); + ECGost3410Parameters gostParams = new ECGost3410Parameters(ecp, oid, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512, null); ECKeyGenerationParameters paramameters = new ECKeyGenerationParameters(gostParams, new SecureRandom()); ECKeyPairGenerator engine = new ECKeyPairGenerator(); engine.Init(paramameters); @@ -38,328 +40,302 @@ namespace Org.BouncyCastle.Crypto.Tests ECPublicKeyParameters generatedKeyParameters = (ECPublicKeyParameters)pair.Public; ECPublicKeyParameters keyParameters = generatedKeyParameters; - // // Continuously encode/decode the key and check for loss of information. // - for (int t = 0; t < 3; t++) - { - - SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keyParameters); - keyParameters = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(info); - - { // Specifically cast and test gost parameters. - ECGost3410Parameters gParam = (ECGost3410Parameters)generatedKeyParameters.Parameters; - ECGost3410Parameters rParam = (ECGost3410Parameters)keyParameters.Parameters; - + for (int t = 0; t < 3; t++) + { + SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keyParameters); + keyParameters = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(info); - bool ok = SafeEquals(gParam.DigestParamSet, rParam.DigestParamSet) && - SafeEquals(gParam.EncryptionParamSet, rParam.EncryptionParamSet) && - SafeEquals(gParam.PublicKeyParamSet, rParam.PublicKeyParamSet); + { + // Specifically cast and test gost parameters. + ECGost3410Parameters gParam = (ECGost3410Parameters)generatedKeyParameters.Parameters; + ECGost3410Parameters rParam = (ECGost3410Parameters)keyParameters.Parameters; - if (!ok) - { - return new SimpleTestResult(false, "GOST parameters does not match"); - } + bool ok = SafeEquals(gParam.DigestParamSet, rParam.DigestParamSet) && + SafeEquals(gParam.EncryptionParamSet, rParam.EncryptionParamSet) && + SafeEquals(gParam.PublicKeyParamSet, rParam.PublicKeyParamSet); - } - - if (!((ECGost3410Parameters)keyParameters.Parameters).Name.Equals( - ((ECGost3410Parameters)generatedKeyParameters.Parameters).Name)) + if (!ok) { - return new SimpleTestResult(false, "Name does not match"); + return new SimpleTestResult(false, "GOST parameters does not match"); } + } + if (!((ECGost3410Parameters)keyParameters.Parameters).Name.Equals( + ((ECGost3410Parameters)generatedKeyParameters.Parameters).Name)) + { + return new SimpleTestResult(false, "Name does not match"); + } - if (keyParameters.IsPrivate != generatedKeyParameters.IsPrivate) - { - return new SimpleTestResult(false, "isPrivate does not match"); - } + if (keyParameters.IsPrivate != generatedKeyParameters.IsPrivate) + { + return new SimpleTestResult(false, "isPrivate does not match"); + } - if (!Arrays.AreEqual(keyParameters.Q.GetEncoded(true), generatedKeyParameters.Q.GetEncoded(true))) - { - return new SimpleTestResult(false, "Q does not match"); - } + if (!Arrays.AreEqual(keyParameters.Q.GetEncoded(true), generatedKeyParameters.Q.GetEncoded(true))) + { + return new SimpleTestResult(false, "Q does not match"); + } - if (!keyParameters.Parameters.Curve.Equals(generatedKeyParameters.Parameters.Curve)) - { - return new SimpleTestResult(false, "Curve does not match"); - } + if (!keyParameters.Parameters.Curve.Equals(generatedKeyParameters.Parameters.Curve)) + { + return new SimpleTestResult(false, "Curve does not match"); + } - if (!Arrays.AreEqual( - keyParameters.Parameters.G.GetEncoded(true), - generatedKeyParameters.Parameters.G.GetEncoded(true))) - { - return new SimpleTestResult(false, "G does not match"); - } + if (!Arrays.AreEqual( + keyParameters.Parameters.G.GetEncoded(true), + generatedKeyParameters.Parameters.G.GetEncoded(true))) + { + return new SimpleTestResult(false, "G does not match"); + } - if (!keyParameters.Parameters.H.Equals(generatedKeyParameters.Parameters.H)) - { - return new SimpleTestResult(false, "H does not match"); - } + if (!keyParameters.Parameters.H.Equals(generatedKeyParameters.Parameters.H)) + { + return new SimpleTestResult(false, "H does not match"); + } - if (!keyParameters.Parameters.HInv.Equals(generatedKeyParameters.Parameters.HInv)) - { - return new SimpleTestResult(false, "Hinv does not match"); - } + if (!keyParameters.Parameters.HInv.Equals(generatedKeyParameters.Parameters.HInv)) + { + return new SimpleTestResult(false, "Hinv does not match"); + } - if (!keyParameters.Parameters.N.Equals(generatedKeyParameters.Parameters.N)) - { - return new SimpleTestResult(false, "N does not match"); - } + if (!keyParameters.Parameters.N.Equals(generatedKeyParameters.Parameters.N)) + { + return new SimpleTestResult(false, "N does not match"); + } - if (!Arrays.AreEqual(keyParameters.Parameters.GetSeed(), generatedKeyParameters.Parameters.GetSeed())) - { - return new SimpleTestResult(false, "Seed does not match"); - } + if (!Arrays.AreEqual(keyParameters.Parameters.GetSeed(), generatedKeyParameters.Parameters.GetSeed())) + { + return new SimpleTestResult(false, "Seed does not match"); } - return new SimpleTestResult(true, null); - + } + return new SimpleTestResult(true, null); } - private SimpleTestResult EncodeRecodePrivateKey() { - - DerObjectIdentifier oid = ECGost3410NamedCurves.GetOid("Tc26-Gost-3410-12-512-paramSetA"); - ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGost3410NamedCurves.GetByOid(oid)); - ECGost3410Parameters gostParams = new ECGost3410Parameters(ecp, oid, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512,null); - ECKeyGenerationParameters parameters = new ECKeyGenerationParameters(gostParams, new SecureRandom()); - ECKeyPairGenerator engine = new ECKeyPairGenerator(); - engine.Init(parameters); - AsymmetricCipherKeyPair pair = engine.GenerateKeyPair(); - - ECPrivateKeyParameters generatedKeyParameters = (ECPrivateKeyParameters)pair.Private; - ECPrivateKeyParameters keyParameters = generatedKeyParameters; - + DerObjectIdentifier oid = ECGost3410NamedCurves.GetOid("Tc26-Gost-3410-12-512-paramSetA"); + ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGost3410NamedCurves.GetByOid(oid)); + ECGost3410Parameters gostParams = new ECGost3410Parameters(ecp, oid, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512, null); + ECKeyGenerationParameters parameters = new ECKeyGenerationParameters(gostParams, new SecureRandom()); + ECKeyPairGenerator engine = new ECKeyPairGenerator(); + engine.Init(parameters); + AsymmetricCipherKeyPair pair = engine.GenerateKeyPair(); - // - // Continuously encode/decode the key and check for loss of information. - // + ECPrivateKeyParameters generatedKeyParameters = (ECPrivateKeyParameters)pair.Private; + ECPrivateKeyParameters keyParameters = generatedKeyParameters; + // + // Continuously encode/decode the key and check for loss of information. + // + for (int t = 0; t < 3; t++) + { + PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(keyParameters); + keyParameters = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(info); - for (int t = 0; t < 3; t++) { - PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(keyParameters); - keyParameters = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(info); - - { // Specifically cast and test gost parameters. - ECGost3410Parameters gParam = (ECGost3410Parameters)generatedKeyParameters.Parameters; - ECGost3410Parameters rParam = (ECGost3410Parameters)keyParameters.Parameters; - - bool ok = SafeEquals(gParam.DigestParamSet, rParam.DigestParamSet) && - SafeEquals(gParam.EncryptionParamSet, rParam.EncryptionParamSet) && - SafeEquals(gParam.PublicKeyParamSet, rParam.PublicKeyParamSet); - - if (!ok) - { - return new SimpleTestResult(false, "GOST parameters does not match"); - } - - } - - if (keyParameters.IsPrivate != generatedKeyParameters.IsPrivate) - { - return new SimpleTestResult(false, "isPrivate does not match"); - } - - if (!keyParameters.D.Equals(generatedKeyParameters.D)) - { - return new SimpleTestResult(false, "D does not match"); - } - - if (!((ECGost3410Parameters)keyParameters.Parameters).Name.Equals( - ((ECGost3410Parameters)generatedKeyParameters.Parameters).Name)) - { - return new SimpleTestResult(false, "Name does not match"); - } - - if (!keyParameters.Parameters.Curve.Equals(generatedKeyParameters.Parameters.Curve)) - { - return new SimpleTestResult(false, "Curve does not match"); - } - - if (!Arrays.AreEqual( - keyParameters.Parameters.G.GetEncoded(true), - generatedKeyParameters.Parameters.G.GetEncoded(true))) - { - return new SimpleTestResult(false, "G does not match"); - } + // Specifically cast and test gost parameters. + ECGost3410Parameters gParam = (ECGost3410Parameters)generatedKeyParameters.Parameters; + ECGost3410Parameters rParam = (ECGost3410Parameters)keyParameters.Parameters; - if (!keyParameters.Parameters.H.Equals(generatedKeyParameters.Parameters.H)) - { - return new SimpleTestResult(false, "H does not match"); - } - - if (!keyParameters.Parameters.HInv.Equals(generatedKeyParameters.Parameters.HInv)) - { - return new SimpleTestResult(false, "Hinv does not match"); - } - - if (!keyParameters.Parameters.N.Equals(generatedKeyParameters.Parameters.N)) - { - return new SimpleTestResult(false, "N does not match"); - } + bool ok = SafeEquals(gParam.DigestParamSet, rParam.DigestParamSet) && + SafeEquals(gParam.EncryptionParamSet, rParam.EncryptionParamSet) && + SafeEquals(gParam.PublicKeyParamSet, rParam.PublicKeyParamSet); - if (!Arrays.AreEqual(keyParameters.Parameters.GetSeed(), generatedKeyParameters.Parameters.GetSeed())) + if (!ok) { - return new SimpleTestResult(false, "Seed does not match"); + return new SimpleTestResult(false, "GOST parameters does not match"); } } - - - return new SimpleTestResult(true, null); - } - - private SimpleTestResult DecodeJCEPublic() - { - byte[] pub256 = Hex.Decode("3068302106082a85030701010101301506092a850307010201010106082a850307010102020343000440292335c87d892510c35a033819a13e2b0dc606d911676af2bad8872d74a4b7bae6c729e98ace04c3dee626343f794731e1489edb7bc26f1c8c56e1448c96501a"); - - ECPublicKeyParameters pkInfo = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(pub256); - - if (pkInfo.IsPrivate) + if (keyParameters.IsPrivate != generatedKeyParameters.IsPrivate) { - return new SimpleTestResult(false, "isPrivate should be false"); + return new SimpleTestResult(false, "isPrivate does not match"); } - if ( - !Arrays.AreEqual( - pkInfo.Q.GetEncoded(true), - Hex.Decode("02bab7a4742d87d8baf26a6711d906c60d2b3ea11938035ac31025897dc8352329"))) + if (!keyParameters.D.Equals(generatedKeyParameters.D)) { - return new SimpleTestResult(false, "Q does not match"); + return new SimpleTestResult(false, "D does not match"); } - if (!((ECGost3410Parameters)pkInfo.Parameters).PublicKeyParamSet.ToString().Equals("1.2.643.7.1.2.1.1.1")) + if (!((ECGost3410Parameters)keyParameters.Parameters).Name.Equals( + ((ECGost3410Parameters)generatedKeyParameters.Parameters).Name)) { - return new SimpleTestResult(false, "PublicKeyParamSet does not match"); + return new SimpleTestResult(false, "Name does not match"); } - if (!((ECGost3410Parameters)pkInfo.Parameters).DigestParamSet.ToString().Equals("1.2.643.7.1.1.2.2")) + if (!keyParameters.Parameters.Curve.Equals(generatedKeyParameters.Parameters.Curve)) { - return new SimpleTestResult(false, "DigestParamSet does not match"); + return new SimpleTestResult(false, "Curve does not match"); } - if (((ECGost3410Parameters)pkInfo.Parameters).EncryptionParamSet != null) + if (!Arrays.AreEqual( + keyParameters.Parameters.G.GetEncoded(true), + generatedKeyParameters.Parameters.G.GetEncoded(true))) { - return new SimpleTestResult(false, "EncryptionParamSet is not null"); + return new SimpleTestResult(false, "G does not match"); } - - byte[] pub512 = Hex.Decode("3081aa302106082a85030701010102301506092a850307010201020106082a850307010102030381840004818043ccc22692ee8a1870c7c9de0566d7e3a494cf0e3c80f9e8852a3d1ec10d2a829d357253e0864aee2eaacd5e2d327578dee771f62f24decfd6358e06199efe540e7912db43c4c80fe0fd31f7f67a862f9d44fd0075cfee6e3d638c7520063d26311ef962547e8129fb8c5b194e129370cd30313884b4a60872254a10772fe595"); - - pkInfo = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(pub512); - - if (pkInfo.IsPrivate) + if (!keyParameters.Parameters.H.Equals(generatedKeyParameters.Parameters.H)) { - return new SimpleTestResult(false, "isPrivate should be true"); + return new SimpleTestResult(false, "H does not match"); } - if ( - !Arrays.AreEqual( - pkInfo.Q.GetEncoded(true), - Hex.Decode("0254fe9e19068e35d6cfde242ff671e7de7875322d5ecdaa2eee4a86e05372359d822a0dc11e3d2a85e8f9803c0ecf94a4e3d76605dec9c770188aee9226c2cc43"))) + if (!keyParameters.Parameters.HInv.Equals(generatedKeyParameters.Parameters.HInv)) { - return new SimpleTestResult(false, "Q does not match"); + return new SimpleTestResult(false, "Hinv does not match"); } - - if (!((ECGost3410Parameters)pkInfo.Parameters).PublicKeyParamSet.ToString().Equals("1.2.643.7.1.2.1.2.1")) + if (!keyParameters.Parameters.N.Equals(generatedKeyParameters.Parameters.N)) { - return new SimpleTestResult(false, "PublicKeyParamSet does not match"); + return new SimpleTestResult(false, "N does not match"); } - if (!((ECGost3410Parameters)pkInfo.Parameters).DigestParamSet.ToString().Equals("1.2.643.7.1.1.2.3")) + if (!Arrays.AreEqual(keyParameters.Parameters.GetSeed(), generatedKeyParameters.Parameters.GetSeed())) { - return new SimpleTestResult(false, "DigestParamSet does not match"); + return new SimpleTestResult(false, "Seed does not match"); } + } - if (((ECGost3410Parameters)pkInfo.Parameters).EncryptionParamSet != null) - { - return new SimpleTestResult(false, "EncryptionParamSet is not null"); - } + return new SimpleTestResult(true, null); + } + + private SimpleTestResult DecodeJCEPublic() + { + byte[] pub256 = Hex.Decode("3068302106082a85030701010101301506092a850307010201010106082a850307010102020343000440292335c87d892510c35a033819a13e2b0dc606d911676af2bad8872d74a4b7bae6c729e98ace04c3dee626343f794731e1489edb7bc26f1c8c56e1448c96501a"); + + ECPublicKeyParameters pkInfo = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(pub256); + if (pkInfo.IsPrivate) + { + return new SimpleTestResult(false, "isPrivate should be false"); + } + + if (!Arrays.AreEqual( + pkInfo.Q.GetEncoded(true), + Hex.Decode("02bab7a4742d87d8baf26a6711d906c60d2b3ea11938035ac31025897dc8352329"))) + { + return new SimpleTestResult(false, "Q does not match"); + } + + if (!((ECGost3410Parameters)pkInfo.Parameters).PublicKeyParamSet.ToString().Equals("1.2.643.7.1.2.1.1.1")) + { + return new SimpleTestResult(false, "PublicKeyParamSet does not match"); + } + + if (!((ECGost3410Parameters)pkInfo.Parameters).DigestParamSet.ToString().Equals("1.2.643.7.1.1.2.2")) + { + return new SimpleTestResult(false, "DigestParamSet does not match"); + } + + if (((ECGost3410Parameters)pkInfo.Parameters).EncryptionParamSet != null) + { + return new SimpleTestResult(false, "EncryptionParamSet is not null"); + } + + byte[] pub512 = Hex.Decode("3081aa302106082a85030701010102301506092a850307010201020106082a850307010102030381840004818043ccc22692ee8a1870c7c9de0566d7e3a494cf0e3c80f9e8852a3d1ec10d2a829d357253e0864aee2eaacd5e2d327578dee771f62f24decfd6358e06199efe540e7912db43c4c80fe0fd31f7f67a862f9d44fd0075cfee6e3d638c7520063d26311ef962547e8129fb8c5b194e129370cd30313884b4a60872254a10772fe595"); + + pkInfo = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(pub512); + if (pkInfo.IsPrivate) + { + return new SimpleTestResult(false, "isPrivate should be true"); + } - + if (!Arrays.AreEqual( + pkInfo.Q.GetEncoded(true), + Hex.Decode("0254fe9e19068e35d6cfde242ff671e7de7875322d5ecdaa2eee4a86e05372359d822a0dc11e3d2a85e8f9803c0ecf94a4e3d76605dec9c770188aee9226c2cc43"))) + { + return new SimpleTestResult(false, "Q does not match"); + } + + if (!((ECGost3410Parameters)pkInfo.Parameters).PublicKeyParamSet.ToString().Equals("1.2.643.7.1.2.1.2.1")) + { + return new SimpleTestResult(false, "PublicKeyParamSet does not match"); + } + + if (!((ECGost3410Parameters)pkInfo.Parameters).DigestParamSet.ToString().Equals("1.2.643.7.1.1.2.3")) + { + return new SimpleTestResult(false, "DigestParamSet does not match"); + } + + if (((ECGost3410Parameters)pkInfo.Parameters).EncryptionParamSet != null) + { + return new SimpleTestResult(false, "EncryptionParamSet is not null"); + } return new SimpleTestResult(true, null); } private SimpleTestResult DecodeJCEPrivate() { - byte[] priv256 = Hex.Decode("304a020100302106082a85030701010101301506092a850307010201010106082a8503070101020204220420fe75ba328d5439ed4859e6dc7e6ca2e9aab0818f094eddeb0d57d1c16a90762b"); - ECPrivateKeyParameters pkInfo = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(priv256); + byte[] priv256 = Hex.Decode("304a020100302106082a85030701010101301506092a850307010201010106082a8503070101020204220420fe75ba328d5439ed4859e6dc7e6ca2e9aab0818f094eddeb0d57d1c16a90762b"); + ECPrivateKeyParameters pkInfo = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(priv256); - if (!pkInfo.IsPrivate) - { - return new SimpleTestResult(false, "isPrivate should be true"); - } - - if ( - !Arrays.AreEqual( - Hex.Decode("2b76906ac1d1570debdd4e098f81b0aae9a26c7edce65948ed39548d32ba75fe"), - pkInfo.D.ToByteArray())) - { - return new SimpleTestResult(false, "D does not match"); - } + if (!pkInfo.IsPrivate) + { + return new SimpleTestResult(false, "isPrivate should be true"); + } - if (!((ECGost3410Parameters)pkInfo.Parameters).PublicKeyParamSet.ToString().Equals("1.2.643.7.1.2.1.1.1")) - { - return new SimpleTestResult(false, "PublicKeyParamSet does not match"); - } + if (!Arrays.AreEqual( + Hex.Decode("2b76906ac1d1570debdd4e098f81b0aae9a26c7edce65948ed39548d32ba75fe"), + pkInfo.D.ToByteArray())) + { + return new SimpleTestResult(false, "D does not match"); + } - if (!((ECGost3410Parameters)pkInfo.Parameters).DigestParamSet.ToString().Equals("1.2.643.7.1.1.2.2")) - { - return new SimpleTestResult(false, "DigestParamSet does not match"); - } + if (!((ECGost3410Parameters)pkInfo.Parameters).PublicKeyParamSet.ToString().Equals("1.2.643.7.1.2.1.1.1")) + { + return new SimpleTestResult(false, "PublicKeyParamSet does not match"); + } - if (((ECGost3410Parameters)pkInfo.Parameters).EncryptionParamSet != null) - { - return new SimpleTestResult(false, "EncryptionParamSet is not null"); - } + if (!((ECGost3410Parameters)pkInfo.Parameters).DigestParamSet.ToString().Equals("1.2.643.7.1.1.2.2")) + { + return new SimpleTestResult(false, "DigestParamSet does not match"); + } + if (((ECGost3410Parameters)pkInfo.Parameters).EncryptionParamSet != null) + { + return new SimpleTestResult(false, "EncryptionParamSet is not null"); + } - byte[] priv512 = Hex.Decode("306a020100302106082a85030701010102301506092a850307010201020106082a85030701010203044204402fc35576152f6e873236608b592b4b98d0793bf5184f8dc4a99512be703716991a96061ef46aceeae5319b5c69e6fcbfa7e339207878597ce50f9b7cbf857ff1"); - pkInfo = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(priv512); + byte[] priv512 = Hex.Decode("306a020100302106082a85030701010102301506092a850307010201020106082a85030701010203044204402fc35576152f6e873236608b592b4b98d0793bf5184f8dc4a99512be703716991a96061ef46aceeae5319b5c69e6fcbfa7e339207878597ce50f9b7cbf857ff1"); - if (!pkInfo.IsPrivate) - { - return new SimpleTestResult(false, "isPrivate should be true"); - } + pkInfo = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(priv512); - if ( - !Arrays.AreEqual( - Hex.Decode("00f17f85bf7c9b0fe57c5978782039e3a7bffce6695c9b31e5eace6af41e06961a99163770be1295a9c48d4f18f53b79d0984b2b598b603632876e2f157655c32f"), - pkInfo.D.ToByteArray())) - { - return new SimpleTestResult(false, "D does not match"); - } + if (!pkInfo.IsPrivate) + { + return new SimpleTestResult(false, "isPrivate should be true"); + } - if (!((ECGost3410Parameters)pkInfo.Parameters).PublicKeyParamSet.ToString().Equals("1.2.643.7.1.2.1.2.1")) - { - return new SimpleTestResult(false, "PublicKeyParamSet does not match"); - } + if (!Arrays.AreEqual( + Hex.Decode("00f17f85bf7c9b0fe57c5978782039e3a7bffce6695c9b31e5eace6af41e06961a99163770be1295a9c48d4f18f53b79d0984b2b598b603632876e2f157655c32f"), + pkInfo.D.ToByteArray())) + { + return new SimpleTestResult(false, "D does not match"); + } - if (!((ECGost3410Parameters)pkInfo.Parameters).DigestParamSet.ToString().Equals("1.2.643.7.1.1.2.3")) - { - return new SimpleTestResult(false, "DigestParamSet does not match"); - } + if (!((ECGost3410Parameters)pkInfo.Parameters).PublicKeyParamSet.ToString().Equals("1.2.643.7.1.2.1.2.1")) + { + return new SimpleTestResult(false, "PublicKeyParamSet does not match"); + } - if (((ECGost3410Parameters)pkInfo.Parameters).EncryptionParamSet != null) - { - return new SimpleTestResult(false, "EncryptionParamSet is not null"); - } + if (!((ECGost3410Parameters)pkInfo.Parameters).DigestParamSet.ToString().Equals("1.2.643.7.1.1.2.3")) + { + return new SimpleTestResult(false, "DigestParamSet does not match"); + } - + if (((ECGost3410Parameters)pkInfo.Parameters).EncryptionParamSet != null) + { + return new SimpleTestResult(false, "EncryptionParamSet is not null"); + } return new SimpleTestResult(true, null); } - - - public SimpleTestResult EncodeDecodePrivateLW(String oidStr, DerObjectIdentifier digest) + public SimpleTestResult EncodeDecodePrivateLW(string oidStr, DerObjectIdentifier digest) { DerObjectIdentifier oid = ECGost3410NamedCurves.GetOid(oidStr); ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGost3410NamedCurves.GetByOid(oid)); @@ -369,15 +345,14 @@ namespace Org.BouncyCastle.Crypto.Tests engine.Init(parameters); AsymmetricCipherKeyPair pair = engine.GenerateKeyPair(); - - ECPrivateKeyParameters generatedKeyParameters = (ECPrivateKeyParameters) pair.Private; + ECPrivateKeyParameters generatedKeyParameters = (ECPrivateKeyParameters)pair.Private; PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(generatedKeyParameters); ECPrivateKeyParameters recoveredKeyParameters = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(info); - - { // Specifically cast and test gost parameters. + { + // Specifically cast and test gost parameters. ECGost3410Parameters gParam = (ECGost3410Parameters)generatedKeyParameters.Parameters; ECGost3410Parameters rParam = (ECGost3410Parameters)recoveredKeyParameters.Parameters; @@ -389,10 +364,8 @@ namespace Org.BouncyCastle.Crypto.Tests { return new SimpleTestResult(false, "GOST parameters does not match"); } - } - if (recoveredKeyParameters.IsPrivate != generatedKeyParameters.IsPrivate) { return new SimpleTestResult(false, "isPrivate does not match"); @@ -446,10 +419,10 @@ namespace Org.BouncyCastle.Crypto.Tests } public SimpleTestResult EncodeDecodePublicLW(string oidStr, DerObjectIdentifier digest) - { + { DerObjectIdentifier oid = ECGost3410NamedCurves.GetOid(oidStr); ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGost3410NamedCurves.GetByOid(oid)); - ECGost3410Parameters gostParams = new ECGost3410Parameters(ecp,oid,digest,null); + ECGost3410Parameters gostParams = new ECGost3410Parameters(ecp, oid, digest, null); ECKeyGenerationParameters parameters = new ECKeyGenerationParameters(gostParams, new SecureRandom()); ECKeyPairGenerator engine = new ECKeyPairGenerator(); engine.Init(parameters); @@ -460,35 +433,35 @@ namespace Org.BouncyCastle.Crypto.Tests ECPublicKeyParameters recoveredKeyParameters = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(info); - { // Specifically cast and test gost parameters. + { + // Specifically cast and test gost parameters. ECGost3410Parameters gParam = (ECGost3410Parameters)generatedKeyParameters.Parameters; ECGost3410Parameters rParam = (ECGost3410Parameters)recoveredKeyParameters.Parameters; - - bool ok = SafeEquals(gParam.DigestParamSet, rParam.DigestParamSet) && - SafeEquals(gParam.EncryptionParamSet, rParam.EncryptionParamSet) && - SafeEquals(gParam.PublicKeyParamSet, rParam.PublicKeyParamSet); + bool ok = SafeEquals(gParam.DigestParamSet, rParam.DigestParamSet) + && SafeEquals(gParam.EncryptionParamSet, rParam.EncryptionParamSet) + && SafeEquals(gParam.PublicKeyParamSet, rParam.PublicKeyParamSet); if (!ok) { return new SimpleTestResult(false, "GOST parameters does not match"); } - } if (!((ECGost3410Parameters)recoveredKeyParameters.Parameters).Name.Equals( - ((ECGost3410Parameters)generatedKeyParameters.Parameters).Name)) + ((ECGost3410Parameters)generatedKeyParameters.Parameters).Name)) { return new SimpleTestResult(false, "Name does not match"); } - if (recoveredKeyParameters.IsPrivate != generatedKeyParameters.IsPrivate) { return new SimpleTestResult(false, "isPrivate does not match"); } - if (!Arrays.AreEqual(recoveredKeyParameters.Q.GetEncoded(true), generatedKeyParameters.Q.GetEncoded(true))) + if (!Arrays.AreEqual( + recoveredKeyParameters.Q.GetEncoded(true), + generatedKeyParameters.Q.GetEncoded(true))) { return new SimpleTestResult(false, "Q does not match"); } @@ -525,13 +498,12 @@ namespace Org.BouncyCastle.Crypto.Tests return new SimpleTestResult(false, "Seed does not match"); } - return new SimpleTestResult(true, null); + return new SimpleTestResult(true, null); } [Test] public override void PerformTest() { - SimpleTestResult str = EncodeDecodePublicLW("Tc26-Gost-3410-12-512-paramSetA", RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512); if (!str.IsSuccessful()) { @@ -544,7 +516,6 @@ namespace Org.BouncyCastle.Crypto.Tests Fail(str.ToString(), str.GetException()); } - str = EncodeDecodePublicLW("Tc26-Gost-3410-12-256-paramSetA", RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256); if (!str.IsSuccessful()) { @@ -557,7 +528,6 @@ namespace Org.BouncyCastle.Crypto.Tests Fail(str.ToString(), str.GetException()); } - str = DecodeJCEPrivate(); if (!str.IsSuccessful()) { @@ -581,7 +551,6 @@ namespace Org.BouncyCastle.Crypto.Tests { Fail(str.ToString(), str.GetException()); } - } private bool SafeEquals(object left, object right) @@ -594,4 +563,4 @@ namespace Org.BouncyCastle.Crypto.Tests return left.Equals(right); } } -} \ No newline at end of file +} diff --git a/crypto/test/src/crypto/test/EGOST3410_2012SignatureTest.cs b/crypto/test/src/crypto/test/EGOST3410_2012SignatureTest.cs deleted file mode 100644 index 7c9801430..000000000 --- a/crypto/test/src/crypto/test/EGOST3410_2012SignatureTest.cs +++ /dev/null @@ -1,187 +0,0 @@ -using System; -using System.Security.Cryptography.X509Certificates; -using NUnit.Framework; -using Org.BouncyCastle.Asn1; -using Org.BouncyCastle.Asn1.CryptoPro; -using Org.BouncyCastle.Asn1.Rosstandart; -using Org.BouncyCastle.Crypto.Generators; -using Org.BouncyCastle.Crypto.Parameters; -using Org.BouncyCastle.Crypto.Signers; -using Org.BouncyCastle.Math; -using Org.BouncyCastle.Math.EC; -using Org.BouncyCastle.Pkcs; -using Org.BouncyCastle.Security; -using Org.BouncyCastle.Utilities; -using Org.BouncyCastle.Utilities.Encoders; -using Org.BouncyCastle.Utilities.Test; -using Org.BouncyCastle.X509; - -namespace Org.BouncyCastle.Crypto.Tests -{ - [TestFixture] - public class EGOST3410_2012SignatureTest : SimpleTest - { - public override string Name { get; } - - [Test] - public override void PerformTest() - { - EcGOST34102012256Test(); - } - - - public void EcGOST34102012256Test() - { - BigInteger r = new BigInteger("29700980915817952874371204983938256990422752107994319651632687982059210933395"); - BigInteger s = new BigInteger("574973400270084654178925310019147038455227042649098563933718999175515839552"); - - BigInteger e = new BigInteger("20798893674476452017134061561508270130637142515379653289952617252661468872421"); - - byte[] kData = BigIntegers.AsUnsignedByteArray(new BigInteger("53854137677348463731403841147996619241504003434302020712960838528893196233395")); - SecureRandom k = new TestRandomBigInteger(kData); - - BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041"); - BigInteger mod_q = new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619"); - - - ECCurve curve = new FpCurve( - mod_p, - new BigInteger("7"), // a - new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414"), // b - mod_q, BigInteger.One); - - ECDomainParameters spec = new ECDomainParameters(curve, - curve.CreatePoint( - new BigInteger("2"), // x - new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280")), // y - mod_q, BigInteger.One); - - ECPrivateKeyParameters privateKey = new ECPrivateKeyParameters( - new BigInteger("55441196065363246126355624130324183196576709222340016572108097750006097525544"), // d - spec); - - ECPublicKeyParameters publicKey = new ECPublicKeyParameters(curve.CreatePoint( - new BigInteger("57520216126176808443631405023338071176630104906313632182896741342206604859403"), // x - new BigInteger("17614944419213781543809391949654080031942662045363639260709847859438286763994")), // y - spec); - - ECGost3410_2012Signer signer = new ECGost3410_2012Signer(); - signer.Init(true, new ParametersWithRandom(privateKey, k)); - - byte[] rev = e.ToByteArray(); - byte[] message = new byte[rev.Length]; - for (int i = 0; i != rev.Length; i++) - { - message[i] = rev[rev.Length - 1 - i]; - } - BigInteger[] sig = signer.GenerateSignature(message); - - signer.Init(false, publicKey); - - if (!signer.VerifySignature(message, sig[0], sig[1])) - { - Fail("ECGOST3410 2012 verification failed"); - } - - if (!r.Equals(sig[0])) - { - Fail( - ": r component wrong." + Environment.NewLine - + " expecting: " + r + Environment.NewLine - + " got : " + sig[0]); - } - - if (!s.Equals(sig[1])) - { - Fail( - ": s component wrong." + Environment.NewLine - + " expecting: " + s + Environment.NewLine - + " got : " + sig[1]); - } - - - // 256Bit - { - DerObjectIdentifier oid = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256_paramSetA; - ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGost3410NamedCurves.GetByOid(oid)); - ECGost3410Parameters gostParams = new ECGost3410Parameters(ecp, oid, - RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256, null); - ECKeyGenerationParameters parameters = new ECKeyGenerationParameters(gostParams, new SecureRandom()); - ECKeyPairGenerator engine = new ECKeyPairGenerator(); - engine.Init(parameters); - AsymmetricCipherKeyPair pair = engine.GenerateKeyPair(); - SignatureGost12Test("ECGOST3410-2012-256", 64, pair); - } - - // 512Bit - - - { - DerObjectIdentifier oid = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetA; - ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGost3410NamedCurves.GetByOid(oid)); - ECGost3410Parameters gostParams = new ECGost3410Parameters(ecp, oid, - RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512, null); - ECKeyGenerationParameters parameters = new ECKeyGenerationParameters(gostParams, new SecureRandom()); - ECKeyPairGenerator engine = new ECKeyPairGenerator(); - engine.Init(parameters); - AsymmetricCipherKeyPair pair = engine.GenerateKeyPair(); - - SignatureGost12Test("ECGOST3410-2012-512", 128, pair); - - } - } - - - - private void SignatureGost12Test(String signatureAlg, int expectedSignLen, AsymmetricCipherKeyPair p) - - { - byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; - - ECPrivateKeyParameters sKey = (ECPrivateKeyParameters)p.Private; - ECPublicKeyParameters vKey = (ECPublicKeyParameters)p.Public; - - ECGost3410_2012Signer s = new ECGost3410_2012Signer(); - - s.Init(true, sKey); - BigInteger[] sig = s.GenerateSignature(data); - - - s = new ECGost3410_2012Signer(); - s.Init(false, vKey); - - if (!s.VerifySignature(data, sig[0], sig[1])) - { - Fail("Signature " + signatureAlg + " did not verify"); - } - - // - // Test with Digest signer. - // - Gost3410DigestSigner digestSigner = new Gost3410DigestSigner( - new ECGost3410_2012Signer(), - DigestUtilities.GetDigest(((ECGost3410Parameters)vKey.Parameters).DigestParamSet)); - digestSigner.Init(true, sKey); - digestSigner.BlockUpdate(data, 0, data.Length); - byte[] sigBytes = digestSigner.GenerateSignature(); - - if (sigBytes.Length != expectedSignLen) - { - Fail(signatureAlg + " signature failed at expected length"); - } - - digestSigner = new Gost3410DigestSigner( - new ECGost3410_2012Signer(), - DigestUtilities.GetDigest(((ECGost3410Parameters)vKey.Parameters).DigestParamSet)); - digestSigner.Init(false, vKey); - digestSigner.BlockUpdate(data, 0, data.Length); - - if (!digestSigner.VerifySignature(sigBytes)) - { - Fail("Signature " + signatureAlg + " did not verify"); - } - } - - - } -} \ No newline at end of file diff --git a/crypto/test/src/crypto/test/RegressionTest.cs b/crypto/test/src/crypto/test/RegressionTest.cs index f8b5c3c79..9353ec969 100644 --- a/crypto/test/src/crypto/test/RegressionTest.cs +++ b/crypto/test/src/crypto/test/RegressionTest.cs @@ -23,6 +23,7 @@ namespace Org.BouncyCastle.Crypto.Tests new DeterministicDsaTest(), new Gost3410Test(), new ECGost3410Test(), + new ECGost3410_2012Test(), new EcIesTest(), new EcNrTest(), new MacTest(), diff --git a/crypto/test/src/util/test/FixedSecureRandom.cs b/crypto/test/src/util/test/FixedSecureRandom.cs index 1368aa231..682b3eefa 100644 --- a/crypto/test/src/util/test/FixedSecureRandom.cs +++ b/crypto/test/src/util/test/FixedSecureRandom.cs @@ -143,7 +143,7 @@ namespace Org.BouncyCastle.Utilities.Test bOut.Write(sources[i].data, 0, sources[i].data.Length); } } - catch (IOException e) + catch (IOException) { throw new ArgumentException("can't save value source."); } @@ -157,7 +157,7 @@ namespace Org.BouncyCastle.Utilities.Test { bOut.Write(sources[i].data, 0, sources[i].data.Length); } - catch (IOException e) + catch (IOException) { throw new ArgumentException("can't save value source."); } @@ -195,7 +195,7 @@ namespace Org.BouncyCastle.Utilities.Test bOut.Write(sources[i].data, 0, sources[i].data.Length); } } - catch (IOException e) + catch (IOException) { throw new ArgumentException("can't save value source."); } |