diff --git a/crypto/src/math/ec/ECCurve.cs b/crypto/src/math/ec/ECCurve.cs
index c0e27a449..52d634cd2 100644
--- a/crypto/src/math/ec/ECCurve.cs
+++ b/crypto/src/math/ec/ECCurve.cs
@@ -721,13 +721,8 @@ namespace Org.BouncyCastle.Math.EC
this.m_coord = FP_DEFAULT_COORDS;
}
- [Obsolete("Use constructor taking order/cofactor")]
- protected FpCurve(BigInteger q, BigInteger r, ECFieldElement a, ECFieldElement b)
- : this(q, r, a, b, null, null)
- {
- }
-
- protected FpCurve(BigInteger q, BigInteger r, ECFieldElement a, ECFieldElement b, BigInteger order, BigInteger cofactor)
+ internal FpCurve(BigInteger q, BigInteger r, ECFieldElement a, ECFieldElement b, BigInteger order,
+ BigInteger cofactor)
: base(q)
{
this.m_q = q;
@@ -777,6 +772,9 @@ namespace Org.BouncyCastle.Math.EC
public override ECFieldElement FromBigInteger(BigInteger x)
{
+ if (x == null || x.SignValue < 0 || x.CompareTo(m_q) >= 0)
+ throw new ArgumentException("value invalid for Fp field element", "x");
+
return new FpFieldElement(this.m_q, this.m_r, x);
}
@@ -873,32 +871,11 @@ namespace Org.BouncyCastle.Math.EC
private static IFiniteField BuildField(int m, int k1, int k2, int k3)
{
- if (k1 == 0)
- {
- throw new ArgumentException("k1 must be > 0");
- }
-
- if (k2 == 0)
- {
- if (k3 != 0)
- {
- throw new ArgumentException("k3 must be 0 if k2 == 0");
- }
-
- return FiniteFields.GetBinaryExtensionField(new int[]{ 0, k1, m });
- }
-
- if (k2 <= k1)
- {
- throw new ArgumentException("k2 must be > k1");
- }
-
- if (k3 <= k2)
- {
- throw new ArgumentException("k3 must be > k2");
- }
+ int[] exponents = (k2 | k3) == 0
+ ? new int[]{ 0, k1, m }
+ : new int[]{ 0, k1, k2, k3, m };
- return FiniteFields.GetBinaryExtensionField(new int[]{ 0, k1, k2, k3, m });
+ return FiniteFields.GetBinaryExtensionField(exponents);
}
protected AbstractF2mCurve(int m, int k1, int k2, int k3)
@@ -1253,15 +1230,8 @@ namespace Org.BouncyCastle.Math.EC
* @param cofactor The cofactor of the elliptic curve, i.e.
* <code>#E<sub>a</sub>(F<sub>2<sup>m</sup></sub>) = h * n</code>.
*/
- public F2mCurve(
- int m,
- int k1,
- int k2,
- int k3,
- BigInteger a,
- BigInteger b,
- BigInteger order,
- BigInteger cofactor)
+ public F2mCurve(int m, int k1, int k2, int k3, BigInteger a, BigInteger b, BigInteger order,
+ BigInteger cofactor)
: base(m, k1, k2, k3)
{
this.m = m;
@@ -1272,29 +1242,13 @@ namespace Org.BouncyCastle.Math.EC
this.m_cofactor = cofactor;
this.m_infinity = new F2mPoint(this, null, null);
- if (k1 == 0)
- throw new ArgumentException("k1 must be > 0");
-
- if (k2 == 0)
- {
- if (k3 != 0)
- throw new ArgumentException("k3 must be 0 if k2 == 0");
- }
- else
- {
- if (k2 <= k1)
- throw new ArgumentException("k2 must be > k1");
-
- if (k3 <= k2)
- throw new ArgumentException("k3 must be > k2");
- }
-
this.m_a = FromBigInteger(a);
this.m_b = FromBigInteger(b);
this.m_coord = F2M_DEFAULT_COORDS;
}
- protected F2mCurve(int m, int k1, int k2, int k3, ECFieldElement a, ECFieldElement b, BigInteger order, BigInteger cofactor)
+ internal F2mCurve(int m, int k1, int k2, int k3, ECFieldElement a, ECFieldElement b, BigInteger order,
+ BigInteger cofactor)
: base(m, k1, k2, k3)
{
this.m = m;
@@ -1303,8 +1257,8 @@ namespace Org.BouncyCastle.Math.EC
this.k3 = k3;
this.m_order = order;
this.m_cofactor = cofactor;
-
this.m_infinity = new F2mPoint(this, null, null);
+
this.m_a = a;
this.m_b = b;
this.m_coord = F2M_DEFAULT_COORDS;
@@ -1345,7 +1299,14 @@ namespace Org.BouncyCastle.Math.EC
public override ECFieldElement FromBigInteger(BigInteger x)
{
- return new F2mFieldElement(this.m, this.k1, this.k2, this.k3, x);
+ if (x == null || x.SignValue < 0 || x.BitLength > m)
+ throw new ArgumentException("value invalid for F2m field element", "x");
+
+ int[] ks = (k2 | k3) == 0
+ ? new int[]{ k1 }
+ : new int[]{ k1, k2, k3 };
+
+ return new F2mFieldElement(m, ks, new LongArray(x));
}
protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y)
@@ -1470,7 +1431,9 @@ namespace Org.BouncyCastle.Math.EC
private ECPoint CreatePoint(long[] x, long[] y)
{
int m = m_outer.m;
- int[] ks = m_outer.IsTrinomial() ? new int[] { m_outer.k1 } : new int[] { m_outer.k1, m_outer.k2, m_outer.k3 };
+ int[] ks = m_outer.IsTrinomial()
+ ? new int[]{ m_outer.k1 }
+ : new int[]{ m_outer.k1, m_outer.k2, m_outer.k3 };
ECFieldElement X = new F2mFieldElement(m, ks, new LongArray(x));
ECFieldElement Y = new F2mFieldElement(m, ks, new LongArray(y));
diff --git a/crypto/src/math/ec/ECFieldElement.cs b/crypto/src/math/ec/ECFieldElement.cs
index ed530b6b7..774dfb9f1 100644
--- a/crypto/src/math/ec/ECFieldElement.cs
+++ b/crypto/src/math/ec/ECFieldElement.cs
@@ -128,17 +128,8 @@ namespace Org.BouncyCastle.Math.EC
return null;
}
- [Obsolete("Use ECCurve.FromBigInteger to construct field elements")]
- public FpFieldElement(BigInteger q, BigInteger x)
- : this(q, CalculateResidue(q), x)
- {
- }
-
internal FpFieldElement(BigInteger q, BigInteger r, BigInteger x)
{
- if (x == null || x.SignValue < 0 || x.CompareTo(q) >= 0)
- throw new ArgumentException("value invalid in Fp field element", "x");
-
this.q = q;
this.r = r;
this.x = x;
@@ -649,71 +640,6 @@ namespace Org.BouncyCastle.Math.EC
*/
internal LongArray x;
- /**
- * Constructor for Ppb.
- * @param m The exponent <code>m</code> of
- * <code>F<sub>2<sup>m</sup></sub></code>.
- * @param k1 The integer <code>k1</code> where <code>x<sup>m</sup> +
- * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
- * represents the reduction polynomial <code>f(z)</code>.
- * @param k2 The integer <code>k2</code> where <code>x<sup>m</sup> +
- * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
- * represents the reduction polynomial <code>f(z)</code>.
- * @param k3 The integer <code>k3</code> where <code>x<sup>m</sup> +
- * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
- * represents the reduction polynomial <code>f(z)</code>.
- * @param x The BigInteger representing the value of the field element.
- */
- [Obsolete("Use ECCurve.FromBigInteger to construct field elements")]
- public F2mFieldElement(
- int m,
- int k1,
- int k2,
- int k3,
- BigInteger x)
- {
- if (x == null || x.SignValue < 0 || x.BitLength > m)
- throw new ArgumentException("value invalid in F2m field element", "x");
-
- if ((k2 == 0) && (k3 == 0))
- {
- this.representation = Tpb;
- this.ks = new int[] { k1 };
- }
- else
- {
- if (k2 >= k3)
- throw new ArgumentException("k2 must be smaller than k3");
- if (k2 <= 0)
- throw new ArgumentException("k2 must be larger than 0");
-
- this.representation = Ppb;
- this.ks = new int[] { k1, k2, k3 };
- }
-
- this.m = m;
- this.x = new LongArray(x);
- }
-
- /**
- * Constructor for Tpb.
- * @param m The exponent <code>m</code> of
- * <code>F<sub>2<sup>m</sup></sub></code>.
- * @param k The integer <code>k</code> where <code>x<sup>m</sup> +
- * x<sup>k</sup> + 1</code> represents the reduction
- * polynomial <code>f(z)</code>.
- * @param x The BigInteger representing the value of the field element.
- */
- [Obsolete("Use ECCurve.FromBigInteger to construct field elements")]
- public F2mFieldElement(
- int m,
- int k,
- BigInteger x)
- : this(m, k, 0, 0, x)
- {
- // Set k1 to k, and set k2 and k3 to 0
- }
-
internal F2mFieldElement(int m, int[] ks, LongArray x)
{
this.m = m;
diff --git a/crypto/src/pkcs/PKCS12StoreBuilder.cs b/crypto/src/pkcs/PKCS12StoreBuilder.cs
index b61a9ea63..50d927af7 100644
--- a/crypto/src/pkcs/PKCS12StoreBuilder.cs
+++ b/crypto/src/pkcs/PKCS12StoreBuilder.cs
@@ -10,7 +10,6 @@ namespace Org.BouncyCastle.Pkcs
private DerObjectIdentifier keyAlgorithm = PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc;
private DerObjectIdentifier certAlgorithm = PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc;
private DerObjectIdentifier keyPrfAlgorithm = null;
- private DerObjectIdentifier certPrfAlgorithm = null;
private bool useDerEncoding = false;
public Pkcs12StoreBuilder()
@@ -19,7 +18,7 @@ namespace Org.BouncyCastle.Pkcs
public Pkcs12Store Build()
{
- return new Pkcs12Store(keyAlgorithm, keyPrfAlgorithm, certAlgorithm, certPrfAlgorithm, useDerEncoding);
+ return new Pkcs12Store(keyAlgorithm, keyPrfAlgorithm, certAlgorithm, useDerEncoding);
}
public Pkcs12StoreBuilder SetCertAlgorithm(DerObjectIdentifier certAlgorithm)
diff --git a/crypto/src/pkcs/Pkcs12Store.cs b/crypto/src/pkcs/Pkcs12Store.cs
index 1e951ace5..d09b8828f 100644
--- a/crypto/src/pkcs/Pkcs12Store.cs
+++ b/crypto/src/pkcs/Pkcs12Store.cs
@@ -29,7 +29,6 @@ namespace Org.BouncyCastle.Pkcs
private readonly DerObjectIdentifier keyAlgorithm;
private readonly DerObjectIdentifier keyPrfAlgorithm;
private readonly DerObjectIdentifier certAlgorithm;
- private readonly DerObjectIdentifier certPrfAlgorithm;
private readonly bool useDerEncoding;
private AsymmetricKeyEntry unmarkedKeyEntry = null;
@@ -85,50 +84,15 @@ namespace Org.BouncyCastle.Pkcs
}
}
- internal Pkcs12Store(
- DerObjectIdentifier keyAlgorithm,
- DerObjectIdentifier certAlgorithm,
- bool useDerEncoding)
- {
- this.keyAlgorithm = keyAlgorithm;
- this.keyPrfAlgorithm = null;
- this.certAlgorithm = certAlgorithm;
- this.certPrfAlgorithm = null;
- this.useDerEncoding = useDerEncoding;
- }
-
- internal Pkcs12Store(
- DerObjectIdentifier keyAlgorithm,
- DerObjectIdentifier keyPrfAlgorithm,
- DerObjectIdentifier certAlgorithm,
- DerObjectIdentifier certPrfAlgorithm,
- bool useDerEncoding)
+ internal Pkcs12Store(DerObjectIdentifier keyAlgorithm, DerObjectIdentifier keyPrfAlgorithm,
+ DerObjectIdentifier certAlgorithm, bool useDerEncoding)
{
this.keyAlgorithm = keyAlgorithm;
this.keyPrfAlgorithm = keyPrfAlgorithm;
this.certAlgorithm = certAlgorithm;
- this.certPrfAlgorithm = certPrfAlgorithm;
this.useDerEncoding = useDerEncoding;
}
- // TODO Consider making obsolete
- // [Obsolete("Use 'Pkcs12StoreBuilder' instead")]
- public Pkcs12Store()
- : this(PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc,
- PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc, false)
- {
- }
-
- // TODO Consider making obsolete
-// [Obsolete("Use 'Pkcs12StoreBuilder' and 'Load' method instead")]
- public Pkcs12Store(
- Stream input,
- char[] password)
- : this()
- {
- Load(input, password);
- }
-
protected virtual void LoadKeyBag(PrivateKeyInfo privKeyInfo, Asn1Set bagAttributes)
{
AsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(privKeyInfo);
diff --git a/crypto/src/security/SignerUtilities.cs b/crypto/src/security/SignerUtilities.cs
index 8a289897e..b3a49dea8 100644
--- a/crypto/src/security/SignerUtilities.cs
+++ b/crypto/src/security/SignerUtilities.cs
@@ -690,7 +690,7 @@ namespace Org.BouncyCastle.Security
public static ISigner InitSigner(string algorithm, bool forSigning, AsymmetricKeyParameter privateKey, SecureRandom random)
{
- ISigner signer = SignerUtilities.GetSigner(algorithm);
+ ISigner signer = GetSigner(algorithm);
signer.Init(forSigning, ParameterUtilities.WithRandom(privateKey, random));
return signer;
}
diff --git a/crypto/src/x509/X509V1CertificateGenerator.cs b/crypto/src/x509/X509V1CertificateGenerator.cs
index c571d2525..99543778b 100644
--- a/crypto/src/x509/X509V1CertificateGenerator.cs
+++ b/crypto/src/x509/X509V1CertificateGenerator.cs
@@ -4,9 +4,7 @@ using System.Collections;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Math;
-using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.X509
@@ -16,10 +14,7 @@ namespace Org.BouncyCastle.X509
/// </summary>
public class X509V1CertificateGenerator
{
- private V1TbsCertificateGenerator tbsGen;
- private DerObjectIdentifier sigOID;
- private AlgorithmIdentifier sigAlgId;
- private string signatureAlgorithm;
+ private V1TbsCertificateGenerator tbsGen;
/// <summary>
/// Default Constructor.
@@ -115,68 +110,17 @@ namespace Org.BouncyCastle.X509
}
/// <summary>
- /// Set the signature algorithm that will be used to sign this certificate.
- /// This can be either a name or an OID, names are treated as case insensitive.
- /// </summary>
- /// <param name="signatureAlgorithm">string representation of the algorithm name</param>
- [Obsolete("Not needed if Generate used with an ISignatureFactory")]
- public void SetSignatureAlgorithm(
- string signatureAlgorithm)
- {
- this.signatureAlgorithm = signatureAlgorithm;
-
- try
- {
- sigOID = X509Utilities.GetAlgorithmOid(signatureAlgorithm);
- }
- catch (Exception)
- {
- throw new ArgumentException("Unknown signature type requested", "signatureAlgorithm");
- }
-
- sigAlgId = X509Utilities.GetSigAlgID(sigOID, signatureAlgorithm);
-
- tbsGen.SetSignature(sigAlgId);
- }
-
- /// <summary>
- /// Generate a new X509Certificate.
- /// </summary>
- /// <param name="privateKey">The private key of the issuer used to sign this certificate.</param>
- /// <returns>An X509Certificate.</returns>
- [Obsolete("Use Generate with an ISignatureFactory")]
- public X509Certificate Generate(
- AsymmetricKeyParameter privateKey)
- {
- return Generate(privateKey, null);
- }
-
- /// <summary>
- /// Generate a new X509Certificate specifying a SecureRandom instance that you would like to use.
- /// </summary>
- /// <param name="privateKey">The private key of the issuer used to sign this certificate.</param>
- /// <param name="random">The Secure Random you want to use.</param>
- /// <returns>An X509Certificate.</returns>
- [Obsolete("Use Generate with an ISignatureFactory")]
- public X509Certificate Generate(
- AsymmetricKeyParameter privateKey,
- SecureRandom random)
- {
- return Generate(new Asn1SignatureFactory(signatureAlgorithm, privateKey, random));
- }
-
- /// <summary>
/// Generate a new X509Certificate using the passed in SignatureCalculator.
/// </summary>
- /// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param>
+ /// <param name="signatureFactory">A signature calculator factory with the necessary algorithm details.</param>
/// <returns>An X509Certificate.</returns>
- public X509Certificate Generate(ISignatureFactory signatureCalculatorFactory)
+ public X509Certificate Generate(ISignatureFactory signatureFactory)
{
- tbsGen.SetSignature ((AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails);
+ tbsGen.SetSignature((AlgorithmIdentifier)signatureFactory.AlgorithmDetails);
TbsCertificateStructure tbsCert = tbsGen.GenerateTbsCertificate();
- IStreamCalculator streamCalculator = signatureCalculatorFactory.CreateCalculator();
+ IStreamCalculator streamCalculator = signatureFactory.CreateCalculator();
byte[] encoded = tbsCert.GetDerEncoded();
@@ -184,7 +128,8 @@ namespace Org.BouncyCastle.X509
Platform.Dispose(streamCalculator.Stream);
- return GenerateJcaObject(tbsCert, (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails, ((IBlockResult)streamCalculator.GetResult()).Collect());
+ return GenerateJcaObject(tbsCert, (AlgorithmIdentifier)signatureFactory.AlgorithmDetails,
+ ((IBlockResult)streamCalculator.GetResult()).Collect());
}
private X509Certificate GenerateJcaObject(
diff --git a/crypto/src/x509/X509V2AttributeCertificateGenerator.cs b/crypto/src/x509/X509V2AttributeCertificateGenerator.cs
index f49eea63f..643604181 100644
--- a/crypto/src/x509/X509V2AttributeCertificateGenerator.cs
+++ b/crypto/src/x509/X509V2AttributeCertificateGenerator.cs
@@ -4,9 +4,7 @@ using System.Collections;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Math;
-using Org.BouncyCastle.Security;
using Org.BouncyCastle.Security.Certificates;
using Org.BouncyCastle.Utilities;
@@ -17,10 +15,7 @@ namespace Org.BouncyCastle.X509
{
private readonly X509ExtensionsGenerator extGenerator = new X509ExtensionsGenerator();
- private V2AttributeCertificateInfoGenerator acInfoGen;
- private DerObjectIdentifier sigOID;
- private AlgorithmIdentifier sigAlgId;
- private string signatureAlgorithm;
+ private V2AttributeCertificateInfoGenerator acInfoGen;
public X509V2AttributeCertificateGenerator()
{
@@ -67,31 +62,6 @@ namespace Org.BouncyCastle.X509
acInfoGen.SetEndDate(new DerGeneralizedTime(date));
}
- /// <summary>
- /// Set the signature algorithm. This can be either a name or an OID, names
- /// are treated as case insensitive.
- /// </summary>
- /// <param name="signatureAlgorithm">The algorithm name.</param>
- [Obsolete("Not needed if Generate used with an ISignatureFactory")]
- public void SetSignatureAlgorithm(
- string signatureAlgorithm)
- {
- this.signatureAlgorithm = signatureAlgorithm;
-
- try
- {
- sigOID = X509Utilities.GetAlgorithmOid(signatureAlgorithm);
- }
- catch (Exception)
- {
- throw new ArgumentException("Unknown signature type requested");
- }
-
- sigAlgId = X509Utilities.GetSigAlgID(sigOID, signatureAlgorithm);
-
- acInfoGen.SetSignature(sigAlgId);
- }
-
/// <summary>Add an attribute.</summary>
public void AddAttribute(
X509Attribute attribute)
@@ -130,28 +100,6 @@ namespace Org.BouncyCastle.X509
}
/// <summary>
- /// Generate an X509 certificate, based on the current issuer and subject.
- /// </summary>
- [Obsolete("Use Generate with an ISignatureFactory")]
- public IX509AttributeCertificate Generate(
- AsymmetricKeyParameter privateKey)
- {
- return Generate(privateKey, null);
- }
-
- /// <summary>
- /// Generate an X509 certificate, based on the current issuer and subject,
- /// using the supplied source of randomness, if required.
- /// </summary>
- [Obsolete("Use Generate with an ISignatureFactory")]
- public IX509AttributeCertificate Generate(
- AsymmetricKeyParameter privateKey,
- SecureRandom random)
- {
- return Generate(new Asn1SignatureFactory(signatureAlgorithm, privateKey, random));
- }
-
- /// <summary>
/// Generate a new X.509 Attribute Certificate using the passed in SignatureCalculator.
/// </summary>
/// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param>
diff --git a/crypto/src/x509/X509V2CRLGenerator.cs b/crypto/src/x509/X509V2CRLGenerator.cs
index d16178ffa..ba5c7de2d 100644
--- a/crypto/src/x509/X509V2CRLGenerator.cs
+++ b/crypto/src/x509/X509V2CRLGenerator.cs
@@ -21,10 +21,7 @@ namespace Org.BouncyCastle.X509
{
private readonly X509ExtensionsGenerator extGenerator = new X509ExtensionsGenerator();
- private V2TbsCertListGenerator tbsGen;
- private DerObjectIdentifier sigOID;
- private AlgorithmIdentifier sigAlgId;
- private string signatureAlgorithm;
+ private V2TbsCertListGenerator tbsGen;
public X509V2CrlGenerator()
{
@@ -130,30 +127,6 @@ namespace Org.BouncyCastle.X509
}
}
- /// <summary>
- /// Set the signature algorithm that will be used to sign this CRL.
- /// </summary>
- /// <param name="signatureAlgorithm"/>
- [Obsolete("Not needed if Generate used with an ISignatureFactory")]
- public void SetSignatureAlgorithm(
- string signatureAlgorithm)
- {
- this.signatureAlgorithm = signatureAlgorithm;
-
- try
- {
- sigOID = X509Utilities.GetAlgorithmOid(signatureAlgorithm);
- }
- catch (Exception e)
- {
- throw new ArgumentException("Unknown signature type requested", e);
- }
-
- sigAlgId = X509Utilities.GetSigAlgID(sigOID, signatureAlgorithm);
-
- tbsGen.SetSignature(sigAlgId);
- }
-
/**
* add a given extension field for the standard extensions tag (tag 0)
*/
@@ -199,32 +172,6 @@ namespace Org.BouncyCastle.X509
}
/// <summary>
- /// Generate an X.509 CRL, based on the current issuer and subject.
- /// </summary>
- /// <param name="privateKey">The private key of the issuer that is signing this certificate.</param>
- /// <returns>An X509Crl.</returns>
- [Obsolete("Use Generate with an ISignatureFactory")]
- public X509Crl Generate(
- AsymmetricKeyParameter privateKey)
- {
- return Generate(privateKey, null);
- }
-
- /// <summary>
- /// Generate an X.509 CRL, based on the current issuer and subject using the specified secure random.
- /// </summary>
- /// <param name="privateKey">The private key of the issuer that is signing this certificate.</param>
- /// <param name="random">Your Secure Random instance.</param>
- /// <returns>An X509Crl.</returns>
- [Obsolete("Use Generate with an ISignatureFactory")]
- public X509Crl Generate(
- AsymmetricKeyParameter privateKey,
- SecureRandom random)
- {
- return Generate(new Asn1SignatureFactory(signatureAlgorithm, privateKey, random));
- }
-
- /// <summary>
/// Generate a new X509Crl using the passed in SignatureCalculator.
/// </summary>
/// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param>
diff --git a/crypto/src/x509/X509V3CertificateGenerator.cs b/crypto/src/x509/X509V3CertificateGenerator.cs
index bc619c37b..47e58ddb5 100644
--- a/crypto/src/x509/X509V3CertificateGenerator.cs
+++ b/crypto/src/x509/X509V3CertificateGenerator.cs
@@ -20,10 +20,7 @@ namespace Org.BouncyCastle.X509
{
private readonly X509ExtensionsGenerator extGenerator = new X509ExtensionsGenerator();
- private V3TbsCertificateGenerator tbsGen;
- private DerObjectIdentifier sigOid;
- private AlgorithmIdentifier sigAlgId;
- private string signatureAlgorithm;
+ private V3TbsCertificateGenerator tbsGen;
public X509V3CertificateGenerator()
{
@@ -108,30 +105,6 @@ namespace Org.BouncyCastle.X509
}
/// <summary>
- /// Set the signature algorithm that will be used to sign this certificate.
- /// </summary>
- /// <param name="signatureAlgorithm"/>
- [Obsolete("Not needed if Generate used with an ISignatureFactory")]
- public void SetSignatureAlgorithm(
- string signatureAlgorithm)
- {
- this.signatureAlgorithm = signatureAlgorithm;
-
- try
- {
- sigOid = X509Utilities.GetAlgorithmOid(signatureAlgorithm);
- }
- catch (Exception)
- {
- throw new ArgumentException("Unknown signature type requested: " + signatureAlgorithm);
- }
-
- sigAlgId = X509Utilities.GetSigAlgID(sigOid, signatureAlgorithm);
-
- tbsGen.SetSignature(sigAlgId);
- }
-
- /// <summary>
/// Set the subject unique ID - note: it is very rare that it is correct to do this.
/// </summary>
/// <param name="uniqueID"/>
@@ -272,32 +245,6 @@ namespace Org.BouncyCastle.X509
}
/// <summary>
- /// Generate an X509Certificate.
- /// </summary>
- /// <param name="privateKey">The private key of the issuer that is signing this certificate.</param>
- /// <returns>An X509Certificate.</returns>
- [Obsolete("Use Generate with an ISignatureFactory")]
- public X509Certificate Generate(
- AsymmetricKeyParameter privateKey)
- {
- return Generate(privateKey, null);
- }
-
- /// <summary>
- /// Generate an X509Certificate using your own SecureRandom.
- /// </summary>
- /// <param name="privateKey">The private key of the issuer that is signing this certificate.</param>
- /// <param name="random">You Secure Random instance.</param>
- /// <returns>An X509Certificate.</returns>
- [Obsolete("Use Generate with an ISignatureFactory")]
- public X509Certificate Generate(
- AsymmetricKeyParameter privateKey,
- SecureRandom random)
- {
- return Generate(new Asn1SignatureFactory(signatureAlgorithm, privateKey, random));
- }
-
- /// <summary>
/// Generate a new X509Certificate using the passed in SignatureCalculator.
/// </summary>
/// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param>
diff --git a/crypto/test/src/cmp/test/ProtectedMessageTest.cs b/crypto/test/src/cmp/test/ProtectedMessageTest.cs
index 22e4b1c85..d28984af6 100644
--- a/crypto/test/src/cmp/test/ProtectedMessageTest.cs
+++ b/crypto/test/src/cmp/test/ProtectedMessageTest.cs
@@ -402,9 +402,8 @@ namespace Org.BouncyCastle.Cmp.Tests
}
certGen.SetPublicKey(PublicKey);
- certGen.SetSignatureAlgorithm(SignatureAlgorithm);
- return certGen.Generate(privateKey);
+ return certGen.Generate(new Asn1SignatureFactory(SignatureAlgorithm, privateKey, null));
}
}
}
diff --git a/crypto/test/src/cms/test/CMSTestUtil.cs b/crypto/test/src/cms/test/CMSTestUtil.cs
index ca94959d7..242d7e8cf 100644
--- a/crypto/test/src/cms/test/CMSTestUtil.cs
+++ b/crypto/test/src/cms/test/CMSTestUtil.cs
@@ -6,6 +6,7 @@ using System.Text;
using Org.BouncyCastle.Asn1.CryptoPro;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Security;
@@ -19,7 +20,8 @@ namespace Org.BouncyCastle.Cms.Tests
{
public class CmsTestUtil
{
- public static SecureRandom rand;
+ public static readonly SecureRandom Random = new SecureRandom();
+
private static IAsymmetricCipherKeyPairGenerator kpg;
private static IAsymmetricCipherKeyPairGenerator gostKpg;
private static IAsymmetricCipherKeyPairGenerator dsaKpg;
@@ -85,7 +87,7 @@ namespace Org.BouncyCastle.Cms.Tests
{
kpg = GeneratorUtilities.GetKeyPairGenerator("RSA");
kpg.Init(new RsaKeyGenerationParameters(
- BigInteger.ValueOf(17), rand, 1024, 25));
+ BigInteger.ValueOf(17), Random, 1024, 25));
}
return kpg;
@@ -101,7 +103,7 @@ namespace Org.BouncyCastle.Cms.Tests
gostKpg = GeneratorUtilities.GetKeyPairGenerator("GOST3410");
gostKpg.Init(
new Gost3410KeyGenerationParameters(
- rand,
+ Random,
CryptoProObjectIdentifiers.GostR3410x94CryptoProA));
}
@@ -120,7 +122,7 @@ namespace Org.BouncyCastle.Cms.Tests
new BigInteger("1138656671590261728308283492178581223478058193247"),
new BigInteger("4182906737723181805517018315469082619513954319976782448649747742951189003482834321192692620856488639629011570381138542789803819092529658402611668375788410"));
dsaKpg = GeneratorUtilities.GetKeyPairGenerator("DSA");
- dsaKpg.Init(new DsaKeyGenerationParameters(rand, dsaSpec));
+ dsaKpg.Init(new DsaKeyGenerationParameters(Random, dsaSpec));
}
return dsaKpg;
@@ -151,7 +153,7 @@ namespace Org.BouncyCastle.Cms.Tests
if (ecDsaKpg == null)
{
ecDsaKpg = GeneratorUtilities.GetKeyPairGenerator("ECDSA");
- ecDsaKpg.Init(new KeyGenerationParameters(rand, 239));
+ ecDsaKpg.Init(new KeyGenerationParameters(Random, 239));
}
return ecDsaKpg;
@@ -162,25 +164,23 @@ namespace Org.BouncyCastle.Cms.Tests
{
try
{
- rand = new SecureRandom();
-
aes192kg = GeneratorUtilities.GetKeyGenerator("AES");
- aes192kg.Init(new KeyGenerationParameters(rand, 192));
+ aes192kg.Init(new KeyGenerationParameters(Random, 192));
desede128kg = GeneratorUtilities.GetKeyGenerator("DESEDE");
- desede128kg.Init(new KeyGenerationParameters(rand, 112));
+ desede128kg.Init(new KeyGenerationParameters(Random, 112));
desede192kg = GeneratorUtilities.GetKeyGenerator("DESEDE");
- desede192kg.Init(new KeyGenerationParameters(rand, 168));
+ desede192kg.Init(new KeyGenerationParameters(Random, 168));
rc240kg = GeneratorUtilities.GetKeyGenerator("RC2");
- rc240kg.Init(new KeyGenerationParameters(rand, 40));
+ rc240kg.Init(new KeyGenerationParameters(Random, 40));
rc264kg = GeneratorUtilities.GetKeyGenerator("RC2");
- rc264kg.Init(new KeyGenerationParameters(rand, 64));
+ rc264kg.Init(new KeyGenerationParameters(Random, 64));
rc2128kg = GeneratorUtilities.GetKeyGenerator("RC2");
- rc2128kg.Init(new KeyGenerationParameters(rand, 128));
+ rc2128kg.Init(new KeyGenerationParameters(Random, 128));
aesKg = GeneratorUtilities.GetKeyGenerator("AES");
@@ -291,7 +291,7 @@ namespace Org.BouncyCastle.Cms.Tests
public static KeyParameter MakeAesKey(
int keySize)
{
- aesKg.Init(new KeyGenerationParameters(rand, keySize));
+ aesKg.Init(new KeyGenerationParameters(Random, keySize));
return ParameterUtilities.CreateKeyParameter("AES", aesKg.GenerateKey());
}
@@ -299,7 +299,7 @@ namespace Org.BouncyCastle.Cms.Tests
public static KeyParameter MakeCamelliaKey(
int keySize)
{
- camelliaKg.Init(new KeyGenerationParameters(rand, keySize));
+ camelliaKg.Init(new KeyGenerationParameters(Random, keySize));
return ParameterUtilities.CreateKeyParameter("CAMELLIA", camelliaKg.GenerateKey());
}
@@ -323,8 +323,10 @@ namespace Org.BouncyCastle.Cms.Tests
AsymmetricKeyParameter issPriv = issKP.Private;
AsymmetricKeyParameter issPub = issKP.Public;
- X509V1CertificateGenerator v1CertGen = new X509V1CertificateGenerator();
+ string signatureAlgorithm = GetSignatureAlgorithm(issPub);
+ ISignatureFactory signatureFactory = new Asn1SignatureFactory(signatureAlgorithm, issPriv, Random);
+ X509V1CertificateGenerator v1CertGen = new X509V1CertificateGenerator();
v1CertGen.Reset();
v1CertGen.SetSerialNumber(AllocateSerialNumber());
v1CertGen.SetIssuerDN(new X509Name(_issDN));
@@ -332,33 +334,7 @@ namespace Org.BouncyCastle.Cms.Tests
v1CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100));
v1CertGen.SetSubjectDN(new X509Name(_subDN));
v1CertGen.SetPublicKey(subPub);
-
- if (issPub is RsaKeyParameters)
- {
- v1CertGen.SetSignatureAlgorithm("SHA1WithRSA");
- }
- else if (issPub is DsaPublicKeyParameters)
- {
- v1CertGen.SetSignatureAlgorithm("SHA1withDSA");
- }
- else if (issPub is ECPublicKeyParameters)
- {
- ECPublicKeyParameters ecPub = (ECPublicKeyParameters)issPub;
- if (ecPub.AlgorithmName == "ECGOST3410")
- {
- v1CertGen.SetSignatureAlgorithm("GOST3411withECGOST3410");
- }
- else
- {
- v1CertGen.SetSignatureAlgorithm("SHA1withECDSA");
- }
- }
- else
- {
- v1CertGen.SetSignatureAlgorithm("GOST3411WithGOST3410");
- }
-
- X509Certificate _cert = v1CertGen.Generate(issPriv);
+ X509Certificate _cert = v1CertGen.Generate(signatureFactory);
_cert.CheckValidity(DateTime.UtcNow);
_cert.Verify(issPub);
@@ -374,8 +350,10 @@ namespace Org.BouncyCastle.Cms.Tests
AsymmetricKeyParameter issPriv = issKP.Private;
AsymmetricKeyParameter issPub = issKP.Public;
- X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
+ string signatureAlgorithm = GetSignatureAlgorithm(issPub);
+ ISignatureFactory signatureFactory = new Asn1SignatureFactory(signatureAlgorithm, issPriv, Random);
+ X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
v3CertGen.Reset();
v3CertGen.SetSerialNumber(AllocateSerialNumber());
v3CertGen.SetIssuerDN(new X509Name(_issDN));
@@ -384,27 +362,6 @@ namespace Org.BouncyCastle.Cms.Tests
v3CertGen.SetSubjectDN(new X509Name(_subDN));
v3CertGen.SetPublicKey(subPub);
- if (issPub is RsaKeyParameters)
- {
- v3CertGen.SetSignatureAlgorithm("SHA1WithRSA");
- }
- else if (issPub is ECPublicKeyParameters)
- {
- ECPublicKeyParameters ecPub = (ECPublicKeyParameters) issPub;
- if (ecPub.AlgorithmName == "ECGOST3410")
- {
- v3CertGen.SetSignatureAlgorithm("GOST3411withECGOST3410");
- }
- else
- {
- v3CertGen.SetSignatureAlgorithm("SHA1withECDSA");
- }
- }
- else
- {
- v3CertGen.SetSignatureAlgorithm("GOST3411WithGOST3410");
- }
-
v3CertGen.AddExtension(
X509Extensions.SubjectKeyIdentifier,
false,
@@ -420,7 +377,7 @@ namespace Org.BouncyCastle.Cms.Tests
false,
new BasicConstraints(_ca));
- X509Certificate _cert = v3CertGen.Generate(issPriv);
+ X509Certificate _cert = v3CertGen.Generate(signatureFactory);
_cert.CheckValidity();
_cert.Verify(issPub);
@@ -438,20 +395,36 @@ namespace Org.BouncyCastle.Cms.Tests
crlGen.SetThisUpdate(now);
crlGen.SetNextUpdate(now.AddSeconds(100));
- crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
crlGen.AddCrlEntry(BigInteger.One, now, CrlReason.PrivilegeWithdrawn);
crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public));
- return crlGen.Generate(pair.Private);
+ return crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, null));
}
- /*
+ /*
*
* INTERNAL METHODS
*
*/
+
+ internal static string GetSignatureAlgorithm(AsymmetricKeyParameter publicKey)
+ {
+ if (publicKey is RsaKeyParameters)
+ return "SHA1WithRSA";
+
+ if (publicKey is DsaPublicKeyParameters)
+ return "SHA1withDSA";
+
+ if (publicKey is ECPublicKeyParameters ecPub)
+ {
+ return ecPub.AlgorithmName == "ECGOST3410" ? "GOST3411withECGOST3410" : "SHA1withECDSA";
+ }
+
+ return "GOST3411WithGOST3410";
+ }
+
internal static IX509Store MakeAttrCertStore(params IX509AttributeCertificate[] attrCerts)
{
IList attrCertList = new ArrayList();
diff --git a/crypto/test/src/ocsp/test/OCSPTestUtil.cs b/crypto/test/src/ocsp/test/OCSPTestUtil.cs
index 53b8f5bb9..c36c3163f 100644
--- a/crypto/test/src/ocsp/test/OCSPTestUtil.cs
+++ b/crypto/test/src/ocsp/test/OCSPTestUtil.cs
@@ -1,10 +1,8 @@
using System;
-using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Asn1.X9;
using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Security;
@@ -98,7 +96,6 @@ namespace Org.BouncyCastle.Ocsp.Tests
_v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100));
_v3CertGen.SetSubjectDN(new X509Name(_subDN));
_v3CertGen.SetPublicKey(_subPub);
- _v3CertGen.SetSignatureAlgorithm(algorithm);
_v3CertGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false,
createSubjectKeyId(_subPub));
@@ -109,9 +106,9 @@ namespace Org.BouncyCastle.Ocsp.Tests
_v3CertGen.AddExtension(X509Extensions.BasicConstraints, false,
new BasicConstraints(_ca));
- X509Certificate _cert = _v3CertGen.Generate(_issPriv);
+ X509Certificate _cert = _v3CertGen.Generate(new Asn1SignatureFactory(algorithm, _issPriv, null));
- _cert.CheckValidity(DateTime.UtcNow);
+ _cert.CheckValidity(DateTime.UtcNow);
_cert.Verify(_issPub);
return _cert;
diff --git a/crypto/test/src/pkcs/examples/PKCS12Example.cs b/crypto/test/src/pkcs/examples/PKCS12Example.cs
index 002e14c38..06247bc3f 100644
--- a/crypto/test/src/pkcs/examples/PKCS12Example.cs
+++ b/crypto/test/src/pkcs/examples/PKCS12Example.cs
@@ -6,10 +6,10 @@ using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Pkcs;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Security;
-using Org.BouncyCastle.Utilities.Date;
using Org.BouncyCastle.X509;
using Org.BouncyCastle.X509.Extension;
@@ -26,9 +26,6 @@ namespace Org.BouncyCastle.Pkcs.Examples
{
private static readonly char[] passwd = "hello world".ToCharArray();
- private static readonly X509V1CertificateGenerator v1CertGen = new X509V1CertificateGenerator();
- private static readonly X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
-
/**
* we generate the CA's certificate
*/
@@ -49,16 +46,16 @@ namespace Org.BouncyCastle.Pkcs.Examples
//
// create the certificate - version 1
//
+ ISignatureFactory signatureFactory = new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null);
+ X509V1CertificateGenerator v1CertGen = new X509V1CertificateGenerator();
v1CertGen.SetSerialNumber(BigInteger.One);
v1CertGen.SetIssuerDN(new X509Name(issuer));
v1CertGen.SetNotBefore(DateTime.UtcNow.AddMonths(-1));
v1CertGen.SetNotAfter(DateTime.UtcNow.AddMonths(1));
v1CertGen.SetSubjectDN(new X509Name(subject));
v1CertGen.SetPublicKey(pubKey);
- v1CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
-
- X509Certificate cert = v1CertGen.Generate(privKey);
+ X509Certificate cert = v1CertGen.Generate(signatureFactory);
cert.CheckValidity(DateTime.UtcNow);
@@ -107,15 +104,13 @@ namespace Org.BouncyCastle.Pkcs.Examples
//
// create the certificate - version 3
//
- v3CertGen.Reset();
-
+ X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
v3CertGen.SetSerialNumber(BigInteger.Two);
v3CertGen.SetIssuerDN(PrincipalUtilities.GetSubjectX509Principal(caCert));
v3CertGen.SetNotBefore(DateTime.UtcNow.AddMonths(-1));
v3CertGen.SetNotAfter(DateTime.UtcNow.AddMonths(1));
v3CertGen.SetSubjectDN(new X509Name(order, attrs));
v3CertGen.SetPublicKey(pubKey);
- v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
//
// extensions
@@ -135,7 +130,7 @@ namespace Org.BouncyCastle.Pkcs.Examples
true,
new BasicConstraints(0));
- X509Certificate cert = v3CertGen.Generate(caPrivKey);
+ X509Certificate cert = v3CertGen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", caPrivKey, null));
cert.CheckValidity(DateTime.UtcNow);
@@ -202,15 +197,13 @@ namespace Org.BouncyCastle.Pkcs.Examples
//
// create the certificate - version 3
//
- v3CertGen.Reset();
-
+ X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
v3CertGen.SetSerialNumber(BigInteger.Three);
v3CertGen.SetIssuerDN(new X509Name(sOrder, sAttrs));
v3CertGen.SetNotBefore(DateTime.UtcNow.AddMonths(-1));
v3CertGen.SetNotAfter(DateTime.UtcNow.AddMonths(1));
v3CertGen.SetSubjectDN(new X509Name(order, attrs));
v3CertGen.SetPublicKey(pubKey);
- v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
//
// add the extensions
@@ -225,7 +218,7 @@ namespace Org.BouncyCastle.Pkcs.Examples
false,
new AuthorityKeyIdentifierStructure(caPubKey));
- X509Certificate cert = v3CertGen.Generate(caPrivKey);
+ X509Certificate cert = v3CertGen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", caPrivKey, null));
cert.CheckValidity(DateTime.UtcNow);
diff --git a/crypto/test/src/pkcs/test/PKCS12StoreTest.cs b/crypto/test/src/pkcs/test/PKCS12StoreTest.cs
index 1b49a5d02..884fd7449 100644
--- a/crypto/test/src/pkcs/test/PKCS12StoreTest.cs
+++ b/crypto/test/src/pkcs/test/PKCS12StoreTest.cs
@@ -8,9 +8,9 @@ using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Pkcs;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
-using Org.BouncyCastle.Pkcs;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities.Encoders;
using Org.BouncyCastle.Utilities.Test;
@@ -897,9 +897,10 @@ namespace Org.BouncyCastle.Pkcs.Tests
certGen.SetNotAfter(DateTime.UtcNow.AddDays(30));
certGen.SetSubjectDN(new X509Name(order, subjectAttrs));
certGen.SetPublicKey(pubKey);
- certGen.SetSignatureAlgorithm("MD5WithRSAEncryption");
- return new X509CertificateEntry(certGen.Generate(privKey));
+ ISignatureFactory signatureFactory = new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null);
+ X509Certificate cert = certGen.Generate(signatureFactory);
+ return new X509CertificateEntry(cert);
}
private void DoTestCertsOnly()
diff --git a/crypto/test/src/security/test/TestDotNetUtil.cs b/crypto/test/src/security/test/TestDotNetUtil.cs
index 062eada0e..899af016c 100644
--- a/crypto/test/src/security/test/TestDotNetUtil.cs
+++ b/crypto/test/src/security/test/TestDotNetUtil.cs
@@ -9,6 +9,7 @@ using NUnit.Framework;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Utilities.Encoders;
@@ -66,11 +67,10 @@ namespace Org.BouncyCastle.Security.Tests
certGen.SetNotAfter(DateTime.UtcNow.AddDays(1));
certGen.SetSubjectDN(new X509Name(ord, attrs));
certGen.SetPublicKey(dsaPub);
- certGen.SetSignatureAlgorithm("SHA1WITHDSA");
- X509Certificate cert = certGen.Generate(dsaPriv);
+ X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("SHA1WITHDSA", dsaPriv, null));
- cert.CheckValidity();
+ cert.CheckValidity();
cert.Verify(dsaPub);
SystemX509.X509Certificate dotNetCert = DotNetUtilities.ToX509Certificate(cert);
diff --git a/crypto/test/src/test/AttrCertSelectorTest.cs b/crypto/test/src/test/AttrCertSelectorTest.cs
index 37c1e66d2..dfd4295e2 100644
--- a/crypto/test/src/test/AttrCertSelectorTest.cs
+++ b/crypto/test/src/test/AttrCertSelectorTest.cs
@@ -5,6 +5,7 @@ using NUnit.Framework;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Utilities.Date;
@@ -110,7 +111,6 @@ namespace Org.BouncyCastle.Tests
gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
gen.SetSerialNumber(BigInteger.One);
- gen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
Target targetName = new Target(
Target.Choice.Name,
@@ -125,7 +125,7 @@ namespace Org.BouncyCastle.Tests
TargetInformation targetInformation = new TargetInformation(targets);
gen.AddExtension(X509Extensions.TargetInformation.Id, true, targetInformation);
- return gen.Generate(privKey);
+ return gen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null));
}
[Test]
diff --git a/crypto/test/src/test/AttrCertTest.cs b/crypto/test/src/test/AttrCertTest.cs
index d701d007e..f57f67fad 100644
--- a/crypto/test/src/test/AttrCertTest.cs
+++ b/crypto/test/src/test/AttrCertTest.cs
@@ -6,9 +6,9 @@ using NUnit.Framework;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
-using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.Utilities.Encoders;
using Org.BouncyCastle.Utilities.Test;
@@ -270,9 +270,9 @@ namespace Org.BouncyCastle.Tests
gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
gen.SetSerialNumber(BigInteger.One);
- gen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
- IX509AttributeCertificate aCert = gen.Generate(privKey);
+ IX509AttributeCertificate aCert = gen.Generate(
+ new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null));
aCert.CheckValidity();
@@ -378,9 +378,9 @@ namespace Org.BouncyCastle.Tests
gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
gen.SetSerialNumber(BigInteger.One);
- gen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
- IX509AttributeCertificate aCert = gen.Generate(privKey);
+ IX509AttributeCertificate aCert = gen.Generate(
+ new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null));
aCert.CheckValidity();
@@ -499,9 +499,8 @@ namespace Org.BouncyCastle.Tests
gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
gen.SetSerialNumber(aCert.SerialNumber);
- gen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
- aCert = gen.Generate(privKey);
+ aCert = gen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null));
aCert.CheckValidity();
@@ -575,7 +574,7 @@ namespace Org.BouncyCastle.Tests
gen.AddExtension("2.2", false, new DerOctetString(new byte[20]));
- aCert = gen.Generate(privKey);
+ aCert = gen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null));
ISet exts = aCert.GetCriticalExtensionOids();
diff --git a/crypto/test/src/test/CertTest.cs b/crypto/test/src/test/CertTest.cs
index d83b67f8c..e0f97a61f 100644
--- a/crypto/test/src/test/CertTest.cs
+++ b/crypto/test/src/test/CertTest.cs
@@ -12,6 +12,7 @@ using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Asn1.X9;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Math.EC;
@@ -1164,9 +1165,8 @@ namespace Org.BouncyCastle.Tests
certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
certGen.SetSubjectDN(new X509Name(ord, values));
certGen.SetPublicKey(pubKey);
- certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
- X509Certificate cert = certGen.Generate(privKey);
+ X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", privKey, null));
cert.CheckValidity(DateTime.UtcNow);
@@ -1194,7 +1194,6 @@ namespace Org.BouncyCastle.Tests
certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
certGen.SetSubjectDN(new X509Name(ord, values));
certGen.SetPublicKey(pubKey);
- certGen.SetSignatureAlgorithm("MD5WithRSAEncryption");
certGen.AddExtension("2.5.29.15", true,
new X509KeyUsage(X509KeyUsage.EncipherOnly));
certGen.AddExtension("2.5.29.37", true,
@@ -1202,7 +1201,7 @@ namespace Org.BouncyCastle.Tests
certGen.AddExtension("2.5.29.17", true,
new GeneralNames(new GeneralName(GeneralName.Rfc822Name, "test@test.test")));
- cert = certGen.Generate(privKey);
+ cert = certGen.Generate(new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null));
cert.CheckValidity(DateTime.UtcNow);
@@ -1242,9 +1241,7 @@ namespace Org.BouncyCastle.Tests
certGen1.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
certGen1.SetSubjectDN(new X509Name(ord, values));
certGen1.SetPublicKey(pubKey);
- certGen1.SetSignatureAlgorithm("MD5WithRSAEncryption");
-
- cert = certGen1.Generate(privKey);
+ cert = certGen1.Generate(new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null));
cert.CheckValidity(DateTime.UtcNow);
@@ -1322,11 +1319,10 @@ namespace Org.BouncyCastle.Tests
certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
certGen.SetSubjectDN(new X509Name(ord, values));
certGen.SetPublicKey(pubKey);
- certGen.SetSignatureAlgorithm("SHA1withDSA");
try
{
- X509Certificate cert = certGen.Generate(privKey);
+ X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("SHA1withDSA", privKey, null));
cert.CheckValidity(DateTime.UtcNow);
@@ -1352,11 +1348,10 @@ namespace Org.BouncyCastle.Tests
certGen1.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
certGen1.SetSubjectDN(new X509Name(ord, values));
certGen1.SetPublicKey(pubKey);
- certGen1.SetSignatureAlgorithm("SHA1withDSA");
try
{
- X509Certificate cert = certGen1.Generate(privKey);
+ X509Certificate cert = certGen1.Generate(new Asn1SignatureFactory("SHA1withDSA", privKey, null));
cert.CheckValidity(DateTime.UtcNow);
@@ -1465,11 +1460,10 @@ namespace Org.BouncyCastle.Tests
certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
certGen.SetSubjectDN(new X509Name(order, attrs));
certGen.SetPublicKey(pubKey);
- certGen.SetSignatureAlgorithm("SHA1withECDSA");
try
{
- X509Certificate cert = certGen.Generate(privKey);
+ X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("SHA1withECDSA", privKey, null));
cert.CheckValidity(DateTime.UtcNow);
@@ -1490,7 +1484,7 @@ namespace Org.BouncyCastle.Tests
certGen.SetPublicKey(pubKey);
- cert = certGen.Generate(privKey);
+ cert = certGen.Generate(new Asn1SignatureFactory("SHA1withECDSA", privKey, null));
cert.CheckValidity(DateTime.UtcNow);
@@ -1583,10 +1577,8 @@ namespace Org.BouncyCastle.Tests
certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
certGen.SetSubjectDN(new X509Name(order, attrs));
certGen.SetPublicKey(pubKey);
- certGen.SetSignatureAlgorithm(algorithm);
-
- X509Certificate cert = certGen.Generate(privKey);
+ X509Certificate cert = certGen.Generate(new Asn1SignatureFactory(algorithm, privKey, null));
cert.CheckValidity(DateTime.UtcNow);
@@ -1607,7 +1599,7 @@ namespace Org.BouncyCastle.Tests
certGen.SetPublicKey(pubKey);
- cert = certGen.Generate(privKey);
+ cert = certGen.Generate(new Asn1SignatureFactory(algorithm, privKey, null));
cert.CheckValidity(DateTime.UtcNow);
@@ -1673,14 +1665,13 @@ namespace Org.BouncyCastle.Tests
crlGen.SetThisUpdate(now);
crlGen.SetNextUpdate(now.AddSeconds(100));
- crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
crlGen.AddCrlEntry(BigInteger.One, now, CrlReason.PrivilegeWithdrawn);
crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false,
new AuthorityKeyIdentifierStructure(pair.Public));
- X509Crl crl = crlGen.Generate(pair.Private);
+ X509Crl crl = crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, null));
if (!crl.IssuerDN.Equivalent(new X509Name("CN=Test CA"), true))
{
@@ -1745,7 +1736,6 @@ namespace Org.BouncyCastle.Tests
crlGen.SetThisUpdate(now);
crlGen.SetNextUpdate(now.AddSeconds(100));
- crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
IList extOids = new ArrayList();
IList extValues = new ArrayList();
@@ -1768,7 +1758,7 @@ namespace Org.BouncyCastle.Tests
crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public));
- X509Crl crl = crlGen.Generate(pair.Private);
+ X509Crl crl = crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, null));
if (!crl.IssuerDN.Equivalent(new X509Name("CN=Test CA"), true))
{
@@ -1833,7 +1823,6 @@ namespace Org.BouncyCastle.Tests
crlGen.SetThisUpdate(now);
crlGen.SetNextUpdate(now.AddSeconds(100));
- crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
IList extOids = new ArrayList();
IList extValues = new ArrayList();
@@ -1856,7 +1845,7 @@ namespace Org.BouncyCastle.Tests
crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public));
- X509Crl crl = crlGen.Generate(pair.Private);
+ X509Crl crl = crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, null));
if (!crl.IssuerDN.Equivalent(new X509Name("CN=Test CA"), true))
{
@@ -1915,7 +1904,6 @@ namespace Org.BouncyCastle.Tests
crlGen.SetThisUpdate(now);
crlGen.SetNextUpdate(now.AddSeconds(100));
- crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
crlGen.AddCrl(crl);
@@ -1923,7 +1911,7 @@ namespace Org.BouncyCastle.Tests
crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public));
- X509Crl newCrl = crlGen.Generate(pair.Private);
+ X509Crl newCrl = crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, null));
int count = 0;
bool oneFound = false;
@@ -2043,9 +2031,8 @@ namespace Org.BouncyCastle.Tests
certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
certGen.SetSubjectDN(new X509Name(order, attrs));
certGen.SetPublicKey(pubKey);
- certGen.SetSignatureAlgorithm("GOST3411withGOST3410");
- X509Certificate cert = certGen.Generate(privKey);
+ X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("GOST3411withGOST3410", privKey, null));
cert.CheckValidity(DateTime.UtcNow);
@@ -2127,7 +2114,6 @@ namespace Org.BouncyCastle.Tests
certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
certGen.SetSubjectDN(new X509Name(ord, values));
certGen.SetPublicKey(pubKey);
- certGen.SetSignatureAlgorithm("MD5WithRSAEncryption");
certGen.AddExtension("2.5.29.15", true,
new X509KeyUsage(X509KeyUsage.EncipherOnly));
certGen.AddExtension("2.5.29.37", true,
@@ -2135,7 +2121,8 @@ namespace Org.BouncyCastle.Tests
certGen.AddExtension("2.5.29.17", true,
new GeneralNames(new GeneralName(GeneralName.Rfc822Name, "test@test.test")));
- X509Certificate baseCert = certGen.Generate(privKey);
+ X509Certificate baseCert = certGen.Generate(
+ new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null));
//
// copy certificate
@@ -2148,12 +2135,11 @@ namespace Org.BouncyCastle.Tests
certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
certGen.SetSubjectDN(new X509Name(ord, values));
certGen.SetPublicKey(pubKey);
- certGen.SetSignatureAlgorithm("MD5WithRSAEncryption");
certGen.CopyAndAddExtension(new DerObjectIdentifier("2.5.29.15"), true, baseCert);
certGen.CopyAndAddExtension("2.5.29.37", false, baseCert);
- X509Certificate cert = certGen.Generate(privKey);
+ X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null));
cert.CheckValidity(DateTime.UtcNow);
@@ -2189,7 +2175,7 @@ namespace Org.BouncyCastle.Tests
{
certGen.SetPublicKey(dudPublicKey);
- certGen.Generate(privKey);
+ certGen.Generate(new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null));
Fail("key without encoding not detected in v3");
}
@@ -2390,7 +2376,6 @@ namespace Org.BouncyCastle.Tests
certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
certGen.SetSubjectDN(new X509Name(ord, values));
certGen.SetPublicKey(pubKey);
- certGen.SetSignatureAlgorithm(algorithm);
certGen.AddExtension("2.5.29.15", true,
new X509KeyUsage(X509KeyUsage.EncipherOnly));
certGen.AddExtension("2.5.29.37", true,
@@ -2398,7 +2383,7 @@ namespace Org.BouncyCastle.Tests
certGen.AddExtension("2.5.29.17", true,
new GeneralNames(new GeneralName(GeneralName.Rfc822Name, "test@test.test")));
- X509Certificate baseCert = certGen.Generate(privKey);
+ X509Certificate baseCert = certGen.Generate(new Asn1SignatureFactory(algorithm, privKey, null));
baseCert.Verify(pubKey);
}
@@ -2457,8 +2442,7 @@ namespace Org.BouncyCastle.Tests
certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
certGen.SetSubjectDN(new X509Name("CN=Test"));
certGen.SetPublicKey(pubKey);
- certGen.SetSignatureAlgorithm("MD5WithRSAEncryption");
- X509Certificate cert = certGen.Generate(privKey);
+ X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("MD5WithRSAEncryption", privKey, null));
X509CertificateStructure certStruct = X509CertificateStructure.GetInstance(
Asn1Object.FromByteArray(cert.GetEncoded()));
diff --git a/crypto/test/src/test/ECEncodingTest.cs b/crypto/test/src/test/ECEncodingTest.cs
index 8d993c15e..ff9fb7aa2 100644
--- a/crypto/test/src/test/ECEncodingTest.cs
+++ b/crypto/test/src/test/ECEncodingTest.cs
@@ -1,5 +1,4 @@
using System;
-using System.IO;
using NUnit.Framework;
@@ -7,6 +6,7 @@ using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Asn1.X9;
using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Math.EC;
@@ -204,7 +204,6 @@ namespace Org.BouncyCastle.Tests
pubECKey = SetPublicUncompressed(pubECKey);
}
- certGen.SetSignatureAlgorithm("ECDSAwithSHA1");
certGen.SetSerialNumber(BigInteger.One);
certGen.SetIssuerDN(new X509Name("CN=Software emul (EC Cert)"));
certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
@@ -212,7 +211,7 @@ namespace Org.BouncyCastle.Tests
certGen.SetSubjectDN(new X509Name("CN=Software emul (EC Cert)"));
certGen.SetPublicKey(pubECKey);
- return certGen.Generate(privECKey);
+ return certGen.Generate(new Asn1SignatureFactory("ECDSAwithSHA1", privECKey, null));
}
private ECPublicKeyParameters SetPublicUncompressed(
diff --git a/crypto/test/src/test/GOST3410Test.cs b/crypto/test/src/test/GOST3410Test.cs
index 03dcf3144..fc439c4ee 100644
--- a/crypto/test/src/test/GOST3410Test.cs
+++ b/crypto/test/src/test/GOST3410Test.cs
@@ -6,6 +6,7 @@ using NUnit.Framework;
using Org.BouncyCastle.Asn1.CryptoPro;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Math.EC;
@@ -260,16 +261,14 @@ namespace Org.BouncyCastle.Tests
certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
certGen.SetSubjectDN(new X509Name("CN=Test"));
certGen.SetPublicKey(vKey);
- certGen.SetSignatureAlgorithm("GOST3411withGOST3410");
-
- X509Certificate cert = certGen.Generate(sKey);
+
+ X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("GOST3411withGOST3410", sKey, null));
X509CertificateEntry certEntry = new X509CertificateEntry(cert);
-// ks.SetKeyEntry("gost", sKey, "gost".ToCharArray(), new X509Certificate[] { cert });
- ks.SetKeyEntry("gost", new AsymmetricKeyEntry(sKey), new X509CertificateEntry[] { certEntry });
-
+ ks.SetKeyEntry("gost", new AsymmetricKeyEntry(sKey), new X509CertificateEntry[]{ certEntry });
+
MemoryStream bOut = new MemoryStream();
-
+
ks.Save(bOut, "gost".ToCharArray(), new SecureRandom());
// ks = KeyStore.getInstance("JKS");
diff --git a/crypto/test/src/test/PkixPolicyMappingTest.cs b/crypto/test/src/test/PkixPolicyMappingTest.cs
index 47e2c3120..24fe4e006 100644
--- a/crypto/test/src/test/PkixPolicyMappingTest.cs
+++ b/crypto/test/src/test/PkixPolicyMappingTest.cs
@@ -6,6 +6,7 @@ using NUnit.Framework;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Pkix;
@@ -41,9 +42,7 @@ namespace Org.BouncyCastle.Tests
v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(30));
v3CertGen.SetSubjectDN(new X509Name(subject));
v3CertGen.SetPublicKey(pubKey);
- v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
- X509Certificate cert = v3CertGen.Generate(privKey);
- return cert;
+ return v3CertGen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", privKey, null));
}
/**
@@ -65,12 +64,10 @@ namespace Org.BouncyCastle.Tests
v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(30));
v3CertGen.SetSubjectDN(new X509Name(subject));
v3CertGen.SetPublicKey(pubKey);
- v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
v3CertGen.AddExtension(X509Extensions.CertificatePolicies, true, new DerSequence(policies));
v3CertGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(true));
v3CertGen.AddExtension(X509Extensions.PolicyMappings, true, new PolicyMappings(policyMap));
- X509Certificate cert = v3CertGen.Generate(caPrivKey);
- return cert;
+ return v3CertGen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", caPrivKey, null));
}
/**
@@ -91,10 +88,8 @@ namespace Org.BouncyCastle.Tests
v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(30));
v3CertGen.SetSubjectDN(new X509Name(subject));
v3CertGen.SetPublicKey(pubKey);
- v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption");
v3CertGen.AddExtension(X509Extensions.CertificatePolicies, true, new DerSequence(policies));
- X509Certificate cert = v3CertGen.Generate(caPrivKey);
- return cert;
+ return v3CertGen.Generate(new Asn1SignatureFactory("SHA1WithRSAEncryption", caPrivKey, null));
}
private string TestPolicies(
diff --git a/crypto/test/src/test/TestUtilities.cs b/crypto/test/src/test/TestUtilities.cs
index a79421207..63ca87873 100644
--- a/crypto/test/src/test/TestUtilities.cs
+++ b/crypto/test/src/test/TestUtilities.cs
@@ -1,9 +1,9 @@
using System;
-using System.Diagnostics;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Security.Certificates;
@@ -30,23 +30,22 @@ namespace Org.BouncyCastle.Tests
return kpGen.GenerateKeyPair();
}
- public static X509Certificate GenerateRootCert(
- AsymmetricCipherKeyPair pair)
- {
- X509V1CertificateGenerator certGen = new X509V1CertificateGenerator();
-
- certGen.SetSerialNumber(BigInteger.One);
- certGen.SetIssuerDN(new X509Name("CN=Test CA Certificate"));
- certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
- certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
- certGen.SetSubjectDN(new X509Name("CN=Test CA Certificate"));
- certGen.SetPublicKey(pair.Public);
- certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
-
- return certGen.Generate(pair.Private);
- }
-
- public static X509Certificate GenerateIntermediateCert(
+ public static X509Certificate GenerateRootCert(
+ AsymmetricCipherKeyPair pair)
+ {
+ Asn1SignatureFactory signatureFactory = new Asn1SignatureFactory("SHA256WithRSAEncryption", pair.Private, null);
+
+ X509V1CertificateGenerator certGen = new X509V1CertificateGenerator();
+ certGen.SetSerialNumber(BigInteger.One);
+ certGen.SetIssuerDN(new X509Name("CN=Test CA Certificate"));
+ certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50));
+ certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
+ certGen.SetSubjectDN(new X509Name("CN=Test CA Certificate"));
+ certGen.SetPublicKey(pair.Public);
+ return certGen.Generate(signatureFactory);
+ }
+
+ public static X509Certificate GenerateIntermediateCert(
AsymmetricKeyParameter intKey,
AsymmetricKeyParameter caKey,
X509Certificate caCert)
@@ -59,14 +58,13 @@ namespace Org.BouncyCastle.Tests
certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
certGen.SetSubjectDN(new X509Name("CN=Test Intermediate Certificate"));
certGen.SetPublicKey(intKey);
- certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
certGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert));
certGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(intKey));
certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(0));
certGen.AddExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.DigitalSignature | KeyUsage.KeyCertSign | KeyUsage.CrlSign));
- return certGen.Generate(caKey);
+ return certGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", caKey, null));
}
public static X509Certificate GenerateEndEntityCert(
@@ -82,14 +80,13 @@ namespace Org.BouncyCastle.Tests
certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50));
certGen.SetSubjectDN(new X509Name("CN=Test End Certificate"));
certGen.SetPublicKey(entityKey);
- certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
certGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert));
certGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(entityKey));
certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));
certGen.AddExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.DigitalSignature | KeyUsage.KeyEncipherment));
- return certGen.Generate(caKey);
+ return certGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", caKey, null));
}
public static X509Crl CreateCrl(
@@ -99,20 +96,18 @@ namespace Org.BouncyCastle.Tests
{
X509V2CrlGenerator crlGen = new X509V2CrlGenerator();
DateTime now = DateTime.UtcNow;
-// BigInteger revokedSerialNumber = BigInteger.Two;
crlGen.SetIssuerDN(PrincipalUtilities.GetSubjectX509Principal(caCert));
crlGen.SetThisUpdate(now);
crlGen.SetNextUpdate(now.AddSeconds(100));
- crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");
crlGen.AddCrlEntry(serialNumber, now, CrlReason.PrivilegeWithdrawn);
crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert));
crlGen.AddExtension(X509Extensions.CrlNumber, false, new CrlNumber(BigInteger.One));
- return crlGen.Generate(caKey);
+ return crlGen.Generate(new Asn1SignatureFactory("SHA256WithRSAEncryption", caKey, null));
}
public static X509Certificate CreateExceptionCertificate(
diff --git a/crypto/test/src/tsp/test/TSPTestUtil.cs b/crypto/test/src/tsp/test/TSPTestUtil.cs
index c8c6a63c0..20eb7e228 100644
--- a/crypto/test/src/tsp/test/TSPTestUtil.cs
+++ b/crypto/test/src/tsp/test/TSPTestUtil.cs
@@ -12,6 +12,7 @@ using Org.BouncyCastle.Asn1.TeleTrust;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Asn1.X9;
using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Security;
@@ -350,7 +351,6 @@ namespace Org.BouncyCastle.Tsp.Tests
_v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100));
_v3CertGen.SetSubjectDN(new X509Name(_subDN));
_v3CertGen.SetPublicKey(_subPub);
- _v3CertGen.SetSignatureAlgorithm("MD5WithRSAEncryption");
_v3CertGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false,
createSubjectKeyId(_subPub));
@@ -369,9 +369,10 @@ namespace Org.BouncyCastle.Tsp.Tests
ExtendedKeyUsage.GetInstance(new DerSequence(KeyPurposeID.IdKPTimeStamping)));
}
- X509Certificate _cert = _v3CertGen.Generate(_issPriv);
+ X509Certificate _cert = _v3CertGen.Generate(
+ new Asn1SignatureFactory("MD5WithRSAEncryption", _issPriv, null));
- _cert.CheckValidity(DateTime.UtcNow);
+ _cert.CheckValidity(DateTime.UtcNow);
_cert.Verify(_issPub);
return _cert;
diff --git a/crypto/test/src/x509/test/TestCertificateGen.cs b/crypto/test/src/x509/test/TestCertificateGen.cs
index 491f6d312..33ddc26c0 100644
--- a/crypto/test/src/x509/test/TestCertificateGen.cs
+++ b/crypto/test/src/x509/test/TestCertificateGen.cs
@@ -1,12 +1,12 @@
using System;
using System.Collections;
-using System.Text;
using NUnit.Framework;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Asn1.X9;
using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Crypto.Signers;
using Org.BouncyCastle.Math;
@@ -104,12 +104,11 @@ namespace Org.BouncyCastle.X509.Tests
certGen.SetNotAfter(DateTime.UtcNow.AddDays(1));
certGen.SetSubjectDN(new X509Name(ord, attrs));
certGen.SetPublicKey(rsaPublic);
- certGen.SetSignatureAlgorithm("MD5WithRSAEncryption");
- X509Certificate cert = certGen.Generate(rsaPrivate);
+ X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("MD5WithRSAEncryption", rsaPrivate, null));
-// Assert.IsTrue((cert.IsValidNow && cert.Verify(rsaPublic)),"Certificate failed to be valid (RSA)");
- cert.CheckValidity();
+ //Assert.IsTrue((cert.IsValidNow && cert.Verify(rsaPublic)),"Certificate failed to be valid (RSA)");
+ cert.CheckValidity();
cert.Verify(rsaPublic);
//Console.WriteLine(ASN1Dump.DumpAsString(cert.ToAsn1Object()));
@@ -181,12 +180,11 @@ namespace Org.BouncyCastle.X509.Tests
certGen.SetNotAfter(DateTime.UtcNow.AddDays(1));
certGen.SetSubjectDN(new X509Name(ord, attrs));
certGen.SetPublicKey(dsaPub);
- certGen.SetSignatureAlgorithm("SHA1WITHDSA");
- X509Certificate cert = certGen.Generate(dsaPriv);
+ X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("SHA1WITHDSA", dsaPriv, null));
-// Assert.IsTrue((cert.IsValidNow && cert.Verify(dsaPub)), "Certificate failed to be valid (DSA Test)");
- cert.CheckValidity();
+ //Assert.IsTrue((cert.IsValidNow && cert.Verify(dsaPub)), "Certificate failed to be valid (DSA Test)");
+ cert.CheckValidity();
cert.Verify(dsaPub);
//ISet dummySet = cert.GetNonCriticalExtensionOids();
@@ -262,14 +260,13 @@ namespace Org.BouncyCastle.X509.Tests
certGen.SetNotAfter(DateTime.UtcNow.AddDays(1));
certGen.SetSubjectDN(new X509Name(ord, attrs));
certGen.SetPublicKey(ecPub);
- certGen.SetSignatureAlgorithm("SHA1WITHECDSA");
certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));
- X509Certificate cert = certGen.Generate(ecPriv);
+ X509Certificate cert = certGen.Generate(new Asn1SignatureFactory("SHA1WITHECDSA", ecPriv, null));
-// Assert.IsTrue((cert.IsValidNow && cert.Verify(ecPub)), "Certificate failed to be valid (ECDSA)");
- cert.CheckValidity();
+ //Assert.IsTrue((cert.IsValidNow && cert.Verify(ecPub)), "Certificate failed to be valid (ECDSA)");
+ cert.CheckValidity();
cert.Verify(ecPub);
ISet extOidSet = cert.GetCriticalExtensionOids();
|
