summary refs log tree commit diff
path: root/crypto
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2022-10-23 13:24:28 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2022-10-23 13:24:28 +0700
commit91d0463fd5bcfd29d8573daac2912c340fba715c (patch)
tree382edefabbe9dd4426afc5c82767a5676f44c3b2 /crypto
parentRefactoring in Pqc.Crypto.Sike (diff)
downloadBouncyCastle.NET-ed25519-91d0463fd5bcfd29d8573daac2912c340fba715c.tar.xz
SecureRandom refactoring in Cms
Diffstat (limited to 'crypto')
-rw-r--r--crypto/src/cms/CMSAuthenticatedDataGenerator.cs18


-rw-r--r--crypto/src/cms/CMSAuthenticatedDataStreamGenerator.cs20


-rw-r--r--crypto/src/cms/CMSAuthenticatedGenerator.cs15


-rw-r--r--crypto/src/cms/CMSEnvelopedDataGenerator.cs17


-rw-r--r--crypto/src/cms/CMSEnvelopedDataStreamGenerator.cs15


-rw-r--r--crypto/src/cms/CMSEnvelopedGenerator.cs22


-rw-r--r--crypto/src/cms/CMSSignedDataGenerator.cs19


-rw-r--r--crypto/src/cms/CMSSignedDataStreamGenerator.cs9


-rw-r--r--crypto/src/cms/CMSSignedGenerator.cs17


-rw-r--r--crypto/test/src/cms/test/CMSTestUtil.cs2


10 files changed, 67 insertions, 87 deletions
diff --git a/crypto/src/cms/CMSAuthenticatedDataGenerator.cs b/crypto/src/cms/CMSAuthenticatedDataGenerator.cs
index 9bfabe8b1..6c68bccd1 100644
--- a/crypto/src/cms/CMSAuthenticatedDataGenerator.cs
+++ b/crypto/src/cms/CMSAuthenticatedDataGenerator.cs
@@ -29,20 +29,14 @@ namespace Org.BouncyCastle.Cms
 	public class CmsAuthenticatedDataGenerator
 	    : CmsAuthenticatedGenerator
 	{
-	    /**
-	     * base constructor
-	     */
 	    public CmsAuthenticatedDataGenerator()
 	    {
 	    }
 
-	    /**
-	     * constructor allowing specific source of randomness
-	     * @param rand instance of SecureRandom to use
-	     */
-	    public CmsAuthenticatedDataGenerator(
-	        SecureRandom rand)
-	        : base(rand)
+        /// <summary>Constructor allowing specific source of randomness</summary>
+        /// <param name="random">Instance of <c>SecureRandom</c> to use.</param>
+	    public CmsAuthenticatedDataGenerator(SecureRandom random)
+	        : base(random)
 	    {
 	    }
 
@@ -109,7 +103,7 @@ namespace Org.BouncyCastle.Cms
 			{
 				try
 				{
-					recipientInfos.Add(rig.Generate(encKey, rand));
+					recipientInfos.Add(rig.Generate(encKey, m_random));
 				}
 				catch (InvalidKeyException e)
 				{
@@ -142,7 +136,7 @@ namespace Org.BouncyCastle.Cms
 				// FIXME Will this work for macs?
 				CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid);
 
-				keyGen.Init(new KeyGenerationParameters(rand, keyGen.DefaultStrength));
+				keyGen.Init(new KeyGenerationParameters(m_random, keyGen.DefaultStrength));
 
 				return Generate(content, encryptionOid, keyGen);
             }
diff --git a/crypto/src/cms/CMSAuthenticatedDataStreamGenerator.cs b/crypto/src/cms/CMSAuthenticatedDataStreamGenerator.cs
index d66b0aea9..b2c5cac28 100644
--- a/crypto/src/cms/CMSAuthenticatedDataStreamGenerator.cs
+++ b/crypto/src/cms/CMSAuthenticatedDataStreamGenerator.cs
@@ -42,20 +42,14 @@ namespace Org.BouncyCastle.Cms
 		private int                 _bufferSize;
 		private bool                _berEncodeRecipientSet;
 
-		/**
-		* base constructor
-		*/
 		public CmsAuthenticatedDataStreamGenerator()
 		{
 		}
 
-		/**
-		* constructor allowing specific source of randomness
-		* @param rand instance of SecureRandom to use
-		*/
-		public CmsAuthenticatedDataStreamGenerator(
-			SecureRandom rand)
-			: base(rand)
+        /// <summary>Constructor allowing specific source of randomness</summary>
+        /// <param name="random">Instance of <c>SecureRandom</c> to use.</param>
+		public CmsAuthenticatedDataStreamGenerator(SecureRandom random)
+			: base(random)
 		{
 		}
 
@@ -105,7 +99,7 @@ namespace Org.BouncyCastle.Cms
 			{
 				try
 				{
-					recipientInfos.Add(rig.Generate(encKey, rand));
+					recipientInfos.Add(rig.Generate(encKey, m_random));
 				}
 				catch (InvalidKeyException e)
 				{
@@ -195,7 +189,7 @@ namespace Org.BouncyCastle.Cms
 		{
 			CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid);
 
-			keyGen.Init(new KeyGenerationParameters(rand, keyGen.DefaultStrength));
+			keyGen.Init(new KeyGenerationParameters(m_random, keyGen.DefaultStrength));
 
 			return Open(outStr, encryptionOid, keyGen);
 		}
@@ -210,7 +204,7 @@ namespace Org.BouncyCastle.Cms
 		{
 			CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid);
 
-			keyGen.Init(new KeyGenerationParameters(rand, keySize));
+			keyGen.Init(new KeyGenerationParameters(m_random, keySize));
 
 			return Open(outStr, encryptionOid, keyGen);
 		}
diff --git a/crypto/src/cms/CMSAuthenticatedGenerator.cs b/crypto/src/cms/CMSAuthenticatedGenerator.cs
index 8824d1913..1f73c9b19 100644
--- a/crypto/src/cms/CMSAuthenticatedGenerator.cs
+++ b/crypto/src/cms/CMSAuthenticatedGenerator.cs
@@ -14,21 +14,14 @@ namespace Org.BouncyCastle.Cms
 	public class CmsAuthenticatedGenerator
 		: CmsEnvelopedGenerator
 	{
-		/**
-		* base constructor
-		*/
 		public CmsAuthenticatedGenerator()
 		{
 		}
 
-		/**
-		* constructor allowing specific source of randomness
-		*
-		* @param rand instance of SecureRandom to use
-		*/
-		public CmsAuthenticatedGenerator(
-			SecureRandom rand)
-			: base(rand)
+        /// <summary>Constructor allowing specific source of randomness</summary>
+        /// <param name="random">Instance of <c>SecureRandom</c> to use.</param>
+        public CmsAuthenticatedGenerator(SecureRandom random)
+			: base(random)
 		{
 		}
 	}
diff --git a/crypto/src/cms/CMSEnvelopedDataGenerator.cs b/crypto/src/cms/CMSEnvelopedDataGenerator.cs
index d646480e0..1b618b331 100644
--- a/crypto/src/cms/CMSEnvelopedDataGenerator.cs
+++ b/crypto/src/cms/CMSEnvelopedDataGenerator.cs
@@ -33,10 +33,9 @@ namespace Org.BouncyCastle.Cms
         }
 
 		/// <summary>Constructor allowing specific source of randomness</summary>
-		/// <param name="rand">Instance of <c>SecureRandom</c> to use.</param>
-		public CmsEnvelopedDataGenerator(
-			SecureRandom rand)
-			: base(rand)
+		/// <param name="random">Instance of <c>SecureRandom</c> to use.</param>
+		public CmsEnvelopedDataGenerator(SecureRandom random)
+			: base(random)
 		{
 		}
 
@@ -65,7 +64,7 @@ namespace Org.BouncyCastle.Cms
 					encryptionOid, encKey, asn1Params, out cipherParameters);
 
 				IBufferedCipher cipher = CipherUtilities.GetCipher(encryptionOid);
-				cipher.Init(true, new ParametersWithRandom(cipherParameters, rand));
+				cipher.Init(true, new ParametersWithRandom(cipherParameters, m_random));
 
 				MemoryStream bOut = new MemoryStream();
 				CipherStream cOut = new CipherStream(bOut, null, cipher);
@@ -96,7 +95,7 @@ namespace Org.BouncyCastle.Cms
             {
                 try
                 {
-                    recipientInfos.Add(rig.Generate(encKey, rand));
+                    recipientInfos.Add(rig.Generate(encKey, m_random));
                 }
                 catch (InvalidKeyException e)
                 {
@@ -138,7 +137,7 @@ namespace Org.BouncyCastle.Cms
             {
 				CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid);
                
-				keyGen.Init(new KeyGenerationParameters(rand, keyGen.DefaultStrength));
+				keyGen.Init(new KeyGenerationParameters(m_random, keyGen.DefaultStrength));
 
 				return Generate(content, encryptionOid, keyGen);
             }
@@ -185,7 +184,7 @@ namespace Org.BouncyCastle.Cms
             {
                 try
                 {
-                    recipientInfos.Add(rig.Generate(encKey, rand));
+                    recipientInfos.Add(rig.Generate(encKey, m_random));
                 }
                 catch (InvalidKeyException e)
                 {
@@ -228,7 +227,7 @@ namespace Org.BouncyCastle.Cms
             {
 				CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid);
 
-				keyGen.Init(new KeyGenerationParameters(rand, keySize));
+				keyGen.Init(new KeyGenerationParameters(m_random, keySize));
 
 				return Generate(content, encryptionOid, keyGen);
             }
diff --git a/crypto/src/cms/CMSEnvelopedDataStreamGenerator.cs b/crypto/src/cms/CMSEnvelopedDataStreamGenerator.cs
index 4a8b57aad..6a362e13f 100644
--- a/crypto/src/cms/CMSEnvelopedDataStreamGenerator.cs
+++ b/crypto/src/cms/CMSEnvelopedDataStreamGenerator.cs
@@ -46,10 +46,9 @@ namespace Org.BouncyCastle.Cms
 		}
 
 		/// <summary>Constructor allowing specific source of randomness</summary>
-		/// <param name="rand">Instance of <c>SecureRandom</c> to use.</param>
-		public CmsEnvelopedDataStreamGenerator(
-			SecureRandom rand)
-			: base(rand)
+		/// <param name="random">Instance of <c>SecureRandom</c> to use.</param>
+		public CmsEnvelopedDataStreamGenerator(SecureRandom random)
+			: base(random)
 		{
 		}
 
@@ -104,7 +103,7 @@ namespace Org.BouncyCastle.Cms
 			{
 				try
 				{
-					recipientInfos.Add(rig.Generate(encKey, rand));
+					recipientInfos.Add(rig.Generate(encKey, m_random));
 				}
 				catch (InvalidKeyException e)
 				{
@@ -162,7 +161,7 @@ namespace Org.BouncyCastle.Cms
 					eiGen.GetRawOutputStream(), 0, false, _bufferSize);
 
                 IBufferedCipher cipher = CipherUtilities.GetCipher(encAlgID.Algorithm);
-				cipher.Init(true, new ParametersWithRandom(cipherParameters, rand));
+				cipher.Init(true, new ParametersWithRandom(cipherParameters, m_random));
 				CipherStream cOut = new CipherStream(octetOutputStream, null, cipher);
 
 				return new CmsEnvelopedDataOutputStream(this, cOut, cGen, envGen, eiGen);
@@ -191,7 +190,7 @@ namespace Org.BouncyCastle.Cms
 		{
 			CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid);
 
-			keyGen.Init(new KeyGenerationParameters(rand, keyGen.DefaultStrength));
+			keyGen.Init(new KeyGenerationParameters(m_random, keyGen.DefaultStrength));
 
 			return Open(outStream, encryptionOid, keyGen);
 		}
@@ -207,7 +206,7 @@ namespace Org.BouncyCastle.Cms
 		{
 			CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid);
 
-			keyGen.Init(new KeyGenerationParameters(rand, keySize));
+			keyGen.Init(new KeyGenerationParameters(m_random, keySize));
 
 			return Open(outStream, encryptionOid, keyGen);
 		}
diff --git a/crypto/src/cms/CMSEnvelopedGenerator.cs b/crypto/src/cms/CMSEnvelopedGenerator.cs
index e0a94c4d3..eef572878 100644
--- a/crypto/src/cms/CMSEnvelopedGenerator.cs
+++ b/crypto/src/cms/CMSEnvelopedGenerator.cs
@@ -30,7 +30,7 @@ namespace Org.BouncyCastle.Cms
 	*      CMSEnvelopedData         data = fact.generate(content, algorithm, "BC");
 	* </pre>
 	*/
-	public class CmsEnvelopedGenerator
+	public abstract class CmsEnvelopedGenerator
 	{
 		// Note: These tables are complementary: If rc2Table[i]==j, then rc2Ekb[j]==i
 		internal static readonly short[] rc2Table =
@@ -100,21 +100,23 @@ namespace Org.BouncyCastle.Cms
 		public static readonly string ECMqvSha1Kdf		= X9ObjectIdentifiers.MqvSinglePassSha1KdfScheme.Id;
 
 		internal readonly IList<RecipientInfoGenerator> recipientInfoGenerators = new List<RecipientInfoGenerator>();
-		internal readonly SecureRandom rand;
+		internal readonly SecureRandom m_random;
 
         internal CmsAttributeTableGenerator unprotectedAttributeGenerator = null;
 
-		public CmsEnvelopedGenerator()
-			: this(new SecureRandom())
+        protected CmsEnvelopedGenerator()
+			: this(CryptoServicesRegistrar.GetSecureRandom())
 		{
 		}
 
 		/// <summary>Constructor allowing specific source of randomness</summary>
-		/// <param name="rand">Instance of <c>SecureRandom</c> to use.</param>
-		public CmsEnvelopedGenerator(
-			SecureRandom rand)
+		/// <param name="random">Instance of <c>SecureRandom</c> to use.</param>
+		protected CmsEnvelopedGenerator(SecureRandom random)
 		{
-			this.rand = rand;
+			if (random == null)
+				throw new ArgumentNullException(nameof(random));
+
+			m_random = random;
 		}
 
         public CmsAttributeTableGenerator UnprotectedAttributeGenerator
@@ -304,7 +306,7 @@ namespace Org.BouncyCastle.Cms
 				if (encryptionOid.Equals(RC2Cbc))
 				{
 					byte[] iv = new byte[8];
-					rand.NextBytes(iv);
+                    m_random.NextBytes(iv);
 
 					// TODO Is this detailed repeat of Java version really necessary?
 					int effKeyBits = encKeyBytes.Length * 8;
@@ -323,7 +325,7 @@ namespace Org.BouncyCastle.Cms
 				}
 				else
 				{
-					asn1Params = ParameterUtilities.GenerateParameters(encryptionOid, rand);
+					asn1Params = ParameterUtilities.GenerateParameters(encryptionOid, m_random);
 				}
 			}
 			catch (SecurityUtilityException)
diff --git a/crypto/src/cms/CMSSignedDataGenerator.cs b/crypto/src/cms/CMSSignedDataGenerator.cs
index c2304a09b..fff22e057 100644
--- a/crypto/src/cms/CMSSignedDataGenerator.cs
+++ b/crypto/src/cms/CMSSignedDataGenerator.cs
@@ -55,6 +55,7 @@ namespace Org.BouncyCastle.Cms
 			internal SignerInf(
                 CmsSignedGenerator			outer,
 	            AsymmetricKeyParameter		key,
+				SecureRandom                random,
 	            SignerIdentifier			signerIdentifier,
 	            string						digestOID,
 	            string						encOID,
@@ -67,7 +68,7 @@ namespace Org.BouncyCastle.Cms
                 string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(encOID);
 
                 this.outer = outer;
-                this.sigCalc = new Asn1SignatureFactory(signatureName, key);
+                this.sigCalc = new Asn1SignatureFactory(signatureName, key, random);
                 this.signerIdentifier = signerIdentifier;
                 this.digestOID = digestOID;
                 this.encOID = encOID;
@@ -110,10 +111,7 @@ namespace Org.BouncyCastle.Cms
 				get { return unsAttr; }
             }
 
-			internal SignerInfo ToSignerInfo(
-                DerObjectIdentifier	contentType,
-                CmsProcessable		content,
-				SecureRandom		random)
+			internal SignerInfo ToSignerInfo(DerObjectIdentifier contentType, CmsProcessable content)
             {
                 AlgorithmIdentifier digAlgId = DigestAlgorithmID;
 				string digestName = Helper.GetDigestAlgName(digestOID);
@@ -196,10 +194,9 @@ namespace Org.BouncyCastle.Cms
         }
 
 		/// <summary>Constructor allowing specific source of randomness</summary>
-		/// <param name="rand">Instance of <c>SecureRandom</c> to use.</param>
-		public CmsSignedDataGenerator(
-			SecureRandom rand)
-			: base(rand)
+		/// <param name="random">Instance of <c>SecureRandom</c> to use.</param>
+		public CmsSignedDataGenerator(SecureRandom random)
+			: base(random)
 		{
 		}
 
@@ -425,7 +422,7 @@ namespace Org.BouncyCastle.Cms
 			CmsAttributeTableGenerator  unsignedAttrGen,
 			Asn1.Cms.AttributeTable		baseSignedTable)
 		{
-			signerInfs.Add(new SignerInf(this, privateKey, signerIdentifier, digestOID, encryptionOID,
+			signerInfs.Add(new SignerInf(this, privateKey, m_random, signerIdentifier, digestOID, encryptionOID,
 				signedAttrGen, unsignedAttrGen, baseSignedTable));
 		}
 
@@ -480,7 +477,7 @@ namespace Org.BouncyCastle.Cms
 				try
                 {
 					digestAlgs.Add(signer.DigestAlgorithmID);
-                    signerInfos.Add(signer.ToSignerInfo(contentTypeOid, content, rand));
+                    signerInfos.Add(signer.ToSignerInfo(contentTypeOid, content));
 				}
                 catch (IOException e)
                 {
diff --git a/crypto/src/cms/CMSSignedDataStreamGenerator.cs b/crypto/src/cms/CMSSignedDataStreamGenerator.cs
index 96200fc8c..f934b9259 100644
--- a/crypto/src/cms/CMSSignedDataStreamGenerator.cs
+++ b/crypto/src/cms/CMSSignedDataStreamGenerator.cs
@@ -137,7 +137,7 @@ namespace Org.BouncyCastle.Cms
 					}
 				}
 
-				_sig.Init(true, new ParametersWithRandom(key, outer.rand));
+				_sig.Init(true, new ParametersWithRandom(key, outer.m_random));
 			}
 
 			public SignerInfo Generate(DerObjectIdentifier contentType, AlgorithmIdentifier digestAlgorithm,
@@ -234,10 +234,9 @@ namespace Org.BouncyCastle.Cms
         }
 
 		/// <summary>Constructor allowing specific source of randomness</summary>
-		/// <param name="rand">Instance of <c>SecureRandom</c> to use.</param>
-		public CmsSignedDataStreamGenerator(
-			SecureRandom rand)
-			: base(rand)
+		/// <param name="random">Instance of <c>SecureRandom</c> to use.</param>
+		public CmsSignedDataStreamGenerator(SecureRandom random)
+			: base(random)
 		{
 		}
 
diff --git a/crypto/src/cms/CMSSignedGenerator.cs b/crypto/src/cms/CMSSignedGenerator.cs
index 58f66f214..c16f6e83c 100644
--- a/crypto/src/cms/CMSSignedGenerator.cs
+++ b/crypto/src/cms/CMSSignedGenerator.cs
@@ -15,6 +15,7 @@ using Org.BouncyCastle.Asn1.Rosstandart;
 using Org.BouncyCastle.Asn1.TeleTrust;
 using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Security;
 using Org.BouncyCastle.Utilities.Collections;
 using Org.BouncyCastle.X509;
@@ -481,7 +482,7 @@ namespace Org.BouncyCastle.Cms
         }
     }
 
-    public class CmsSignedGenerator
+    public abstract class CmsSignedGenerator
     {
         /**
         * Default type for the signed data.
@@ -516,19 +517,21 @@ namespace Org.BouncyCastle.Cms
         internal bool _useDerForCerts = false;
         internal bool _useDerForCrls = false;
 
-        protected readonly SecureRandom rand;
+        protected readonly SecureRandom m_random;
 
         protected CmsSignedGenerator()
-            : this(new SecureRandom())
+            : this(CryptoServicesRegistrar.GetSecureRandom())
         {
         }
 
         /// <summary>Constructor allowing specific source of randomness</summary>
-        /// <param name="rand">Instance of <c>SecureRandom</c> to use.</param>
-        protected CmsSignedGenerator(
-            SecureRandom rand)
+        /// <param name="random">Instance of <c>SecureRandom</c> to use.</param>
+        protected CmsSignedGenerator(SecureRandom random)
         {
-            this.rand = rand;
+            if (random == null)
+                throw new ArgumentNullException(nameof(random));
+
+            m_random = random;
         }
 
         internal protected virtual IDictionary<CmsAttributeTableParameter, object> GetBaseParameters(
diff --git a/crypto/test/src/cms/test/CMSTestUtil.cs b/crypto/test/src/cms/test/CMSTestUtil.cs
index 016260625..e98810c84 100644
--- a/crypto/test/src/cms/test/CMSTestUtil.cs
+++ b/crypto/test/src/cms/test/CMSTestUtil.cs
@@ -396,7 +396,7 @@ namespace Org.BouncyCastle.Cms.Tests
 
 			crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public));
 
-			return crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, null));
+			return crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, Random));
 		}
 
         /*

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-19 22:15:05 +0000