diff --git a/crypto/src/cmp/CertificateConfirmationContent.cs b/crypto/src/cmp/CertificateConfirmationContent.cs
index ad46ca039..ceb34e2c8 100644
--- a/crypto/src/cmp/CertificateConfirmationContent.cs
+++ b/crypto/src/cmp/CertificateConfirmationContent.cs
@@ -7,33 +7,33 @@ namespace Org.BouncyCastle.Cmp
{
public class CertificateConfirmationContent
{
- private readonly DefaultDigestAlgorithmIdentifierFinder digestAlgFinder;
- private readonly CertConfirmContent content;
+ private readonly DefaultDigestAlgorithmIdentifierFinder m_digestAlgFinder;
+ private readonly CertConfirmContent m_content;
public CertificateConfirmationContent(CertConfirmContent content)
{
- this.content = content;
+ this.m_content = content;
}
public CertificateConfirmationContent(CertConfirmContent content,
DefaultDigestAlgorithmIdentifierFinder digestAlgFinder)
{
- this.content = content;
- this.digestAlgFinder = digestAlgFinder;
+ this.m_content = content;
+ this.m_digestAlgFinder = digestAlgFinder;
}
public CertConfirmContent ToAsn1Structure()
{
- return content;
+ return m_content;
}
public CertificateStatus[] GetStatusMessages()
{
- CertStatus[] statusArray = content.ToCertStatusArray();
+ CertStatus[] statusArray = m_content.ToCertStatusArray();
CertificateStatus[] ret = new CertificateStatus[statusArray.Length];
for (int i = 0; i != ret.Length; i++)
{
- ret[i] = new CertificateStatus(digestAlgFinder, statusArray[i]);
+ ret[i] = new CertificateStatus(m_digestAlgFinder, statusArray[i]);
}
return ret;
diff --git a/crypto/src/cmp/CertificateConfirmationContentBuilder.cs b/crypto/src/cmp/CertificateConfirmationContentBuilder.cs
index b0647f9a5..fa7e5a897 100644
--- a/crypto/src/cmp/CertificateConfirmationContentBuilder.cs
+++ b/crypto/src/cmp/CertificateConfirmationContentBuilder.cs
@@ -1,5 +1,4 @@
-using System;
-using System.Collections.Generic;
+using System.Collections.Generic;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cmp;
@@ -11,13 +10,14 @@ using Org.BouncyCastle.X509;
namespace Org.BouncyCastle.Cmp
{
- public class CertificateConfirmationContentBuilder
+ public sealed class CertificateConfirmationContentBuilder
{
- private static readonly DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();
+ private static readonly DefaultSignatureAlgorithmIdentifierFinder SigAlgFinder =
+ new DefaultSignatureAlgorithmIdentifierFinder();
- private readonly DefaultDigestAlgorithmIdentifierFinder digestAlgFinder;
- private readonly IList<X509Certificate> acceptedCerts = new List<X509Certificate>();
- private readonly IList<BigInteger> acceptedReqIds = new List<BigInteger>();
+ private readonly DefaultDigestAlgorithmIdentifierFinder m_digestAlgFinder;
+ private readonly IList<X509Certificate> m_acceptedCerts = new List<X509Certificate>();
+ private readonly IList<BigInteger> m_acceptedReqIDs = new List<BigInteger>();
public CertificateConfirmationContentBuilder()
: this(new DefaultDigestAlgorithmIdentifierFinder())
@@ -26,39 +26,40 @@ namespace Org.BouncyCastle.Cmp
public CertificateConfirmationContentBuilder(DefaultDigestAlgorithmIdentifierFinder digestAlgFinder)
{
- this.digestAlgFinder = digestAlgFinder;
+ this.m_digestAlgFinder = digestAlgFinder;
}
public CertificateConfirmationContentBuilder AddAcceptedCertificate(X509Certificate certHolder,
BigInteger certReqId)
{
- acceptedCerts.Add(certHolder);
- acceptedReqIds.Add(certReqId);
+ m_acceptedCerts.Add(certHolder);
+ m_acceptedReqIDs.Add(certReqId);
return this;
}
public CertificateConfirmationContent Build()
{
Asn1EncodableVector v = new Asn1EncodableVector();
- for (int i = 0; i != acceptedCerts.Count; i++)
+ for (int i = 0; i != m_acceptedCerts.Count; i++)
{
- X509Certificate cert = acceptedCerts[i];
- BigInteger reqId = acceptedReqIds[i];
+ X509Certificate cert = m_acceptedCerts[i];
+ BigInteger reqID = m_acceptedReqIDs[i];
+ AlgorithmIdentifier algorithmIdentifier = SigAlgFinder.Find(cert.SigAlgName);
+ if (null == algorithmIdentifier)
+ throw new CmpException("cannot find algorithm identifier for signature name");
- AlgorithmIdentifier algorithmIdentifier = sigAlgFinder.Find(cert.SigAlgName);
-
- AlgorithmIdentifier digAlg = digestAlgFinder.Find(algorithmIdentifier);
+ AlgorithmIdentifier digAlg = m_digestAlgFinder.Find(algorithmIdentifier);
if (null == digAlg)
throw new CmpException("cannot find algorithm for digest from signature");
byte[] digest = DigestUtilities.CalculateDigest(digAlg.Algorithm, cert.GetEncoded());
- v.Add(new CertStatus(digest, reqId));
+ v.Add(new CertStatus(digest, reqID));
}
return new CertificateConfirmationContent(CertConfirmContent.GetInstance(new DerSequence(v)),
- digestAlgFinder);
+ m_digestAlgFinder);
}
}
}
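Review bot: The new `CmpException` thrown in `Build()` when `SigAlgFinder.Find(cert.SigAlgName)` returns null does not say which name failed, so a caller confirming several certificates cannot tell which one was rejected. Including the value makes the failure actionable: `throw new CmpException("cannot find algorithm identifier for signature name: " + cert.SigAlgName);`. The existing digest-lookup message a few lines below has the same gap.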
diff --git a/crypto/src/cmp/CertificateStatus.cs b/crypto/src/cmp/CertificateStatus.cs
index 2e3afe3b6..e697f73bc 100644
--- a/crypto/src/cmp/CertificateStatus.cs
+++ b/crypto/src/cmp/CertificateStatus.cs
@@ -24,17 +24,11 @@ namespace Org.BouncyCastle.Cmp
this.certStatus = certStatus;
}
- public PkiStatusInfo PkiStatusInfo
- {
- get { return certStatus.StatusInfo; }
- }
+ public virtual PkiStatusInfo StatusInfo => certStatus.StatusInfo;
- public BigInteger CertRequestId
- {
- get { return certStatus.CertReqID.Value; }
- }
+ public virtual BigInteger CertRequestID => certStatus.CertReqID.Value;
- public bool IsVerified(X509Certificate cert)
+ public virtual bool IsVerified(X509Certificate cert)
{
AlgorithmIdentifier digAlg = digestAlgFinder.Find(sigAlgFinder.Find(cert.SigAlgName));
if (null == digAlg)
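Review bot: `IsVerified` still passes the result of `sigAlgFinder.Find(cert.SigAlgName)` straight into `digestAlgFinder.Find(...)`, although this commit adds an explicit null check for the same lookup in `CertificateConfirmationContentBuilder.Build()`. For a certificate whose signature algorithm name is not recognised, this presumably ends in a NullReferenceException or an unrelated error rather than the `CmpException` the builder now raises. Splitting the call and adding `if (null == sigAlg) throw new CmpException("cannot find algorithm identifier for signature name");` would keep the two paths consistent. `digestAlgFinder` can also be null here when the status comes from the one-argument `CertificateConfirmationContent` constructor, which never assigns `m_digestAlgFinder`. The rest of `IsVerified` lies outside the hunk.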
diff --git a/crypto/src/cmp/GeneralPkiMessage.cs b/crypto/src/cmp/GeneralPkiMessage.cs
index 9b12ee77b..d52161f6c 100644
--- a/crypto/src/cmp/GeneralPkiMessage.cs
+++ b/crypto/src/cmp/GeneralPkiMessage.cs
@@ -1,13 +1,11 @@
-using System;
-
-using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cmp;
namespace Org.BouncyCastle.Cmp
{
public class GeneralPkiMessage
{
- private readonly PkiMessage pkiMessage;
+ private readonly PkiMessage m_pkiMessage;
private static PkiMessage ParseBytes(byte[] encoding)
{
@@ -20,7 +18,7 @@ namespace Org.BouncyCastle.Cmp
/// <param name="pkiMessage">PKI message.</param>
public GeneralPkiMessage(PkiMessage pkiMessage)
{
- this.pkiMessage = pkiMessage;
+ this.m_pkiMessage = pkiMessage;
}
/// <summary>
@@ -32,28 +30,16 @@ namespace Org.BouncyCastle.Cmp
{
}
- public PkiHeader Header
- {
- get { return pkiMessage.Header; }
- }
+ public virtual PkiHeader Header => m_pkiMessage.Header;
- public PkiBody Body
- {
- get { return pkiMessage.Body; }
- }
+ public virtual PkiBody Body => m_pkiMessage.Body;
/// <summary>
/// Return true if this message has protection bits on it. A return value of true
/// indicates the message can be used to construct a ProtectedPKIMessage.
/// </summary>
- public bool HasProtection
- {
- get { return pkiMessage.Protection != null; }
- }
+ public virtual bool HasProtection => m_pkiMessage.Protection != null;
- public PkiMessage ToAsn1Structure()
- {
- return pkiMessage;
- }
+ public virtual PkiMessage ToAsn1Structure() => m_pkiMessage;
}
}
diff --git a/crypto/src/cmp/ProtectedPkiMessage.cs b/crypto/src/cmp/ProtectedPkiMessage.cs
index 738fd8ab3..f99672cc7 100644
--- a/crypto/src/cmp/ProtectedPkiMessage.cs
+++ b/crypto/src/cmp/ProtectedPkiMessage.cs
@@ -15,7 +15,7 @@ namespace Org.BouncyCastle.Cmp
/// </summary>
public class ProtectedPkiMessage
{
- private readonly PkiMessage pkiMessage;
+ private readonly PkiMessage m_pkiMessage;
/// <summary>
/// Wrap a general message.
@@ -25,11 +25,12 @@ namespace Org.BouncyCastle.Cmp
public ProtectedPkiMessage(GeneralPkiMessage pkiMessage)
{
if (!pkiMessage.HasProtection)
- throw new ArgumentException("pki message not protected");
+ throw new ArgumentException("GeneralPkiMessage not protected");
- this.pkiMessage = pkiMessage.ToAsn1Structure();
+ this.m_pkiMessage = pkiMessage.ToAsn1Structure();
}
+ // TODO[cmp] Make internal? (Has test that uses it)
/// <summary>
/// Wrap a PKI message.
/// </summary>
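Review bot: The two constructors accept different things as "protected": this one relies on `pkiMessage.HasProtection`, which only tests `Protection != null`, while the `PkiMessage` overload in the next hunk only tests `Header.ProtectionAlg`. A message decoded from received bytes can therefore be wrapped with a protection value but no `ProtectionAlg`, or the reverse. The later members dereference both (`Header.ProtectionAlg.Algorithm` in `HasPasswordBasedMacProtected` and the MAC `Verify`, `m_pkiMessage.Protection.GetBytes()` in both `Verify` overloads), so they fail with a NullReferenceException instead of a clean rejection. Checking both fields on the stored structure in each constructor would close that, e.g. `if (null == msg.Header.ProtectionAlg || null == msg.Protection) throw new ArgumentException("PkiMessage not protected");` with `msg` being the result of `pkiMessage.ToAsn1Structure()`. Testing that result rather than `HasProtection` also matters now that both members of `GeneralPkiMessage` are virtual and a subclass could make them disagree.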
@@ -38,63 +39,49 @@ namespace Org.BouncyCastle.Cmp
public ProtectedPkiMessage(PkiMessage pkiMessage)
{
if (null == pkiMessage.Header.ProtectionAlg)
- throw new ArgumentException("pki message not protected");
+ throw new ArgumentException("PkiMessage not protected");
- this.pkiMessage = pkiMessage;
+ this.m_pkiMessage = pkiMessage;
}
- /// <summary>
- /// Message header
- /// </summary>
- public PkiHeader Header
- {
- get { return pkiMessage.Header; }
- }
+ /// <summary>Message header</summary>
+ public virtual PkiHeader Header => m_pkiMessage.Header;
- /// <summary>
- /// Message Body
- /// </summary>
- public PkiBody Body
- {
- get { return pkiMessage.Body; }
- }
+ /// <summary>Message body</summary>
+ public virtual PkiBody Body => m_pkiMessage.Body;
/// <summary>
/// Return the underlying ASN.1 structure contained in this object.
/// </summary>
- /// <returns>PKI Message structure</returns>
- public PkiMessage ToAsn1Message()
- {
- return pkiMessage;
- }
+ /// <returns>PkiMessage structure</returns>
+ public virtual PkiMessage ToAsn1Message() => m_pkiMessage;
/// <summary>
/// Determine whether the message is protected by a password based MAC. Use verify(PKMACBuilder, char[])
/// to verify the message if this method returns true.
/// </summary>
/// <returns>true if protection MAC PBE based, false otherwise.</returns>
- public bool HasPasswordBasedMacProtected
+ public virtual bool HasPasswordBasedMacProtected
{
- get { return Header.ProtectionAlg.Algorithm.Equals(CmpObjectIdentifiers.passwordBasedMac); }
+ get { return CmpObjectIdentifiers.passwordBasedMac.Equals(Header.ProtectionAlg.Algorithm); }
}
/// <summary>
/// Return the extra certificates associated with this message.
/// </summary>
/// <returns>an array of extra certificates, zero length if none present.</returns>
- public X509Certificate[] GetCertificates()
+ public virtual X509Certificate[] GetCertificates()
{
- CmpCertificate[] certs = pkiMessage.GetExtraCerts();
+ CmpCertificate[] certs = m_pkiMessage.GetExtraCerts();
if (null == certs)
return new X509Certificate[0];
- X509Certificate[] res = new X509Certificate[certs.Length];
+ X509Certificate[] result = new X509Certificate[certs.Length];
for (int t = 0; t < certs.Length; t++)
{
- res[t] = new X509Certificate(X509CertificateStructure.GetInstance(certs[t].GetEncoded()));
+ result[t] = new X509Certificate(certs[t].X509v3PKCert);
}
-
- return res;
+ return result;
}
/// <summary>
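Review bot: `GetCertificates()` now passes `certs[t].X509v3PKCert` to the `X509Certificate` constructor without checking it for null. The extra certificates come from the received message. If `CmpCertificate` can carry an alternative other than an X.509 certificate (the property name suggests one arm of a choice; confirm against the ASN.1 class), the property would be null for such an entry and the failure would surface inside the constructor or later in the caller. A guard such as `if (certs[t].X509v3PKCert == null) throw new CmpException("extraCerts entry is not an X.509 certificate");` makes the behaviour explicit. Skipping such entries is the alternative, if the `<returns>` text documents it.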
@@ -102,27 +89,13 @@ namespace Org.BouncyCastle.Cmp
/// </summary>
/// <param name="verifierFactory">a factory of signature verifiers.</param>
/// <returns>true if the provider is able to create a verifier that validates the signature, false otherwise.</returns>
- public bool Verify(IVerifierFactory verifierFactory)
+ public virtual bool Verify(IVerifierFactory verifierFactory)
{
IStreamCalculator<IVerifier> streamCalculator = verifierFactory.CreateCalculator();
IVerifier result = Process(streamCalculator);
- return result.IsVerified(pkiMessage.Protection.GetBytes());
- }
-
- private TResult Process<TResult>(IStreamCalculator<TResult> streamCalculator)
- {
- Asn1EncodableVector avec = new Asn1EncodableVector();
- avec.Add(pkiMessage.Header);
- avec.Add(pkiMessage.Body);
- byte[] enc = new DerSequence(avec).GetDerEncoded();
-
- streamCalculator.Stream.Write(enc, 0, enc.Length);
- streamCalculator.Stream.Flush();
- Platform.Dispose(streamCalculator.Stream);
-
- return streamCalculator.GetResult();
+ return result.IsVerified(m_pkiMessage.Protection.GetBytes());
}
/// <summary>
@@ -132,18 +105,32 @@ namespace Org.BouncyCastle.Cmp
/// <param name="password">the MAC password</param>
/// <returns>true if the passed in password and MAC builder verify the message, false otherwise.</returns>
/// <exception cref="InvalidOperationException">if algorithm not MAC based, or an exception is thrown verifying the MAC.</exception>
- public bool Verify(PKMacBuilder pkMacBuilder, char[] password)
+ public virtual bool Verify(PKMacBuilder pkMacBuilder, char[] password)
{
- if (!CmpObjectIdentifiers.passwordBasedMac.Equals(pkiMessage.Header.ProtectionAlg.Algorithm))
+ if (!CmpObjectIdentifiers.passwordBasedMac.Equals(m_pkiMessage.Header.ProtectionAlg.Algorithm))
throw new InvalidOperationException("protection algorithm is not mac based");
- PbmParameter parameter = PbmParameter.GetInstance(pkiMessage.Header.ProtectionAlg.Parameters);
+ PbmParameter parameter = PbmParameter.GetInstance(m_pkiMessage.Header.ProtectionAlg.Parameters);
pkMacBuilder.SetParameters(parameter);
IBlockResult result = Process(pkMacBuilder.Build(password).CreateCalculator());
- return Arrays.ConstantTimeAreEqual(result.Collect(), this.pkiMessage.Protection.GetBytes());
+ return Arrays.ConstantTimeAreEqual(result.Collect(), m_pkiMessage.Protection.GetBytes());
+ }
+
+ private TResult Process<TResult>(IStreamCalculator<TResult> streamCalculator)
+ {
+ Asn1EncodableVector avec = new Asn1EncodableVector();
+ avec.Add(m_pkiMessage.Header);
+ avec.Add(m_pkiMessage.Body);
+ byte[] enc = new DerSequence(avec).GetDerEncoded();
+
+ streamCalculator.Stream.Write(enc, 0, enc.Length);
+ streamCalculator.Stream.Flush();
+ Platform.Dispose(streamCalculator.Stream);
+
+ return streamCalculator.GetResult();
}
}
}
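Review bot: `Verify(PKMacBuilder, char[])` configures the MAC builder from `PbmParameter.GetInstance(m_pkiMessage.Header.ProtectionAlg.Parameters)`, so the parameters are chosen by whoever sent the message. Those parameters normally include the iteration count, so the cost of checking a not-yet-authenticated message is set by the sender unless the supplied `pkMacBuilder` enforces an upper bound (not visible in this hunk). The XML doc should say so, for example `/// <remarks>The PBM parameters are read from the message header; pass a PKMacBuilder that limits the iteration count when the message is untrusted.</remarks>`. The `<exception>` text also promises InvalidOperationException for errors raised while verifying the MAC, but nothing in the method wraps such errors.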
diff --git a/crypto/src/cmp/ProtectedPkiMessageBuilder.cs b/crypto/src/cmp/ProtectedPkiMessageBuilder.cs
index 8573d1fc8..837eb177f 100644
--- a/crypto/src/cmp/ProtectedPkiMessageBuilder.cs
+++ b/crypto/src/cmp/ProtectedPkiMessageBuilder.cs
@@ -5,17 +5,16 @@ using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cmp;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.X509;
namespace Org.BouncyCastle.Cmp
{
- public class ProtectedPkiMessageBuilder
+ public sealed class ProtectedPkiMessageBuilder
{
- private PkiHeaderBuilder hdrBuilBuilder;
+ private readonly PkiHeaderBuilder m_hdrBuilder;
private PkiBody body;
- private List<InfoTypeAndValue> generalInfos = new List<InfoTypeAndValue>();
- private List<X509Certificate> extraCerts = new List<X509Certificate>();
+ private readonly List<InfoTypeAndValue> generalInfos = new List<InfoTypeAndValue>();
+ private readonly List<X509Certificate> extraCerts = new List<X509Certificate>();
public ProtectedPkiMessageBuilder(GeneralName sender, GeneralName recipient)
: this(PkiHeader.CMP_2000, sender, recipient)
@@ -24,18 +23,18 @@ namespace Org.BouncyCastle.Cmp
public ProtectedPkiMessageBuilder(int pvno, GeneralName sender, GeneralName recipient)
{
- hdrBuilBuilder = new PkiHeaderBuilder(pvno, sender, recipient);
+ m_hdrBuilder = new PkiHeaderBuilder(pvno, sender, recipient);
}
public ProtectedPkiMessageBuilder SetTransactionId(byte[] tid)
{
- hdrBuilBuilder.SetTransactionID(tid);
+ m_hdrBuilder.SetTransactionID(tid);
return this;
}
public ProtectedPkiMessageBuilder SetFreeText(PkiFreeText freeText)
{
- hdrBuilBuilder.SetFreeText(freeText);
+ m_hdrBuilder.SetFreeText(freeText);
return this;
}
@@ -47,31 +46,31 @@ namespace Org.BouncyCastle.Cmp
public ProtectedPkiMessageBuilder SetMessageTime(DerGeneralizedTime generalizedTime)
{
- hdrBuilBuilder.SetMessageTime(generalizedTime);
+ m_hdrBuilder.SetMessageTime(generalizedTime);
return this;
}
public ProtectedPkiMessageBuilder SetRecipKID(byte[] id)
{
- hdrBuilBuilder.SetRecipKID(id);
+ m_hdrBuilder.SetRecipKID(id);
return this;
}
public ProtectedPkiMessageBuilder SetRecipNonce(byte[] nonce)
{
- hdrBuilBuilder.SetRecipNonce(nonce);
+ m_hdrBuilder.SetRecipNonce(nonce);
return this;
}
public ProtectedPkiMessageBuilder SetSenderKID(byte[] id)
{
- hdrBuilBuilder.SetSenderKID(id);
+ m_hdrBuilder.SetSenderKID(id);
return this;
}
public ProtectedPkiMessageBuilder SetSenderNonce(byte[] nonce)
{
- hdrBuilBuilder.SetSenderNonce(nonce);
+ m_hdrBuilder.SetSenderNonce(nonce);
return this;
}
@@ -94,35 +93,37 @@ namespace Org.BouncyCastle.Cmp
IStreamCalculator<IBlockResult> calculator = signatureFactory.CreateCalculator();
- if (!(signatureFactory.AlgorithmDetails is AlgorithmIdentifier))
- {
+ if (!(signatureFactory.AlgorithmDetails is AlgorithmIdentifier algorithmDetails))
throw new ArgumentException("AlgorithmDetails is not AlgorithmIdentifier");
- }
- FinalizeHeader((AlgorithmIdentifier)signatureFactory.AlgorithmDetails);
- PkiHeader header = hdrBuilBuilder.Build();
+ FinalizeHeader(algorithmDetails);
+ PkiHeader header = m_hdrBuilder.Build();
DerBitString protection = new DerBitString(CalculateSignature(calculator, header, body));
return FinalizeMessage(header, protection);
}
- public ProtectedPkiMessage Build(IMacFactory factory)
+ public ProtectedPkiMessage Build(IMacFactory macFactory)
{
if (null == body)
throw new InvalidOperationException("body must be set before building");
- IStreamCalculator<IBlockResult> calculator = factory.CreateCalculator();
- FinalizeHeader((AlgorithmIdentifier)factory.AlgorithmDetails);
- PkiHeader header = hdrBuilBuilder.Build();
+ IStreamCalculator<IBlockResult> calculator = macFactory.CreateCalculator();
+
+ if (!(macFactory.AlgorithmDetails is AlgorithmIdentifier algorithmDetails))
+ throw new ArgumentException("AlgorithmDetails is not AlgorithmIdentifier");
+
+ FinalizeHeader(algorithmDetails);
+ PkiHeader header = m_hdrBuilder.Build();
DerBitString protection = new DerBitString(CalculateSignature(calculator, header, body));
return FinalizeMessage(header, protection);
}
private void FinalizeHeader(AlgorithmIdentifier algorithmIdentifier)
{
- hdrBuilBuilder.SetProtectionAlg(algorithmIdentifier);
+ m_hdrBuilder.SetProtectionAlg(algorithmIdentifier);
if (generalInfos.Count > 0)
{
- hdrBuilBuilder.SetGeneralInfo(generalInfos.ToArray());
+ m_hdrBuilder.SetGeneralInfo(generalInfos.ToArray());
}
}
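Review bot: Both `Build` overloads call `CreateCalculator()` before checking that `AlgorithmDetails` is an `AlgorithmIdentifier`, so when the `ArgumentException` is thrown a calculator and its stream have already been created and are never used or disposed. Moving the `if (!(macFactory.AlgorithmDetails is AlgorithmIdentifier algorithmDetails))` check above `macFactory.CreateCalculator()` avoids the wasted allocation and keeps validation ahead of side effects; the signature overload needs the same reorder. Neither overload checks the factory argument itself for null. The signature overload starts outside this hunk.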
@@ -134,8 +135,7 @@ namespace Org.BouncyCastle.Cmp
CmpCertificate[] cmpCertificates = new CmpCertificate[extraCerts.Count];
for (int i = 0; i < cmpCertificates.Length; i++)
{
- byte[] cert = extraCerts[i].GetEncoded();
- cmpCertificates[i] = CmpCertificate.GetInstance(Asn1Object.FromByteArray(cert));
+ cmpCertificates[i] = new CmpCertificate(extraCerts[i].CertificateStructure);
}
return new ProtectedPkiMessage(new PkiMessage(header, body, protection, cmpCertificates));
diff --git a/crypto/src/cmp/RevocationDetails.cs b/crypto/src/cmp/RevocationDetails.cs
index 2d3f9a5eb..6060c6575 100644
--- a/crypto/src/cmp/RevocationDetails.cs
+++ b/crypto/src/cmp/RevocationDetails.cs
@@ -1,38 +1,24 @@
-using System;
-
-using Org.BouncyCastle.Asn1.Cmp;
+using Org.BouncyCastle.Asn1.Cmp;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Math;
namespace Org.BouncyCastle.Cmp
{
- public class RevocationDetails
+ public struct RevocationDetails
{
- private readonly RevDetails revDetails;
+ private readonly RevDetails m_revDetails;
public RevocationDetails(RevDetails revDetails)
{
- this.revDetails = revDetails;
+ m_revDetails = revDetails;
}
- public X509Name Subject
- {
- get { return revDetails.CertDetails.Subject; }
- }
+ public X509Name Subject => m_revDetails.CertDetails.Subject;
- public X509Name Issuer
- {
- get { return revDetails.CertDetails.Issuer; }
- }
+ public X509Name Issuer => m_revDetails.CertDetails.Issuer;
- public BigInteger SerialNumber
- {
- get { return revDetails.CertDetails.SerialNumber.Value; }
- }
+ public BigInteger SerialNumber => m_revDetails.CertDetails.SerialNumber.Value;
- public RevDetails ToASN1Structure()
- {
- return revDetails;
- }
+ public RevDetails ToASN1Structure() => m_revDetails;
}
}
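Review bot: Turning `RevocationDetails` into a struct makes `default(RevocationDetails)` and fresh array elements valid values whose `m_revDetails` is null, so `Subject`, `Issuer` and `SerialNumber` throw NullReferenceException on them. As a class, that state was only reachable by passing null to the constructor. The change is also a source and binary break for callers that compare the value against null or rely on reference semantics. If the struct is intended, consider `public readonly struct RevocationDetails` (the only field is already readonly, language version permitting) and a `<summary>` stating that the default value is not usable; otherwise keep it a class.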
diff --git a/crypto/src/cmp/RevocationDetailsBuilder.cs b/crypto/src/cmp/RevocationDetailsBuilder.cs
index b3be01242..086bf9c11 100644
--- a/crypto/src/cmp/RevocationDetailsBuilder.cs
+++ b/crypto/src/cmp/RevocationDetailsBuilder.cs
@@ -1,6 +1,4 @@
-using System;
-
-using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cmp;
using Org.BouncyCastle.Asn1.Crmf;
using Org.BouncyCastle.Asn1.X509;
@@ -8,15 +6,15 @@ using Org.BouncyCastle.Math;
namespace Org.BouncyCastle.Cmp
{
- public class RevocationDetailsBuilder
+ public sealed class RevocationDetailsBuilder
{
- private readonly CertTemplateBuilder _templateBuilder = new CertTemplateBuilder();
+ private readonly CertTemplateBuilder m_templateBuilder = new CertTemplateBuilder();
public RevocationDetailsBuilder SetPublicKey(SubjectPublicKeyInfo publicKey)
{
if (publicKey != null)
{
- _templateBuilder.SetPublicKey(publicKey);
+ m_templateBuilder.SetPublicKey(publicKey);
}
return this;
@@ -26,7 +24,7 @@ namespace Org.BouncyCastle.Cmp
{
if (issuer != null)
{
- _templateBuilder.SetIssuer(issuer);
+ m_templateBuilder.SetIssuer(issuer);
}
return this;
@@ -36,7 +34,7 @@ namespace Org.BouncyCastle.Cmp
{
if (serialNumber != null)
{
- _templateBuilder.SetSerialNumber(new DerInteger(serialNumber));
+ m_templateBuilder.SetSerialNumber(new DerInteger(serialNumber));
}
return this;
@@ -46,7 +44,7 @@ namespace Org.BouncyCastle.Cmp
{
if (subject != null)
{
- _templateBuilder.SetSubject(subject);
+ m_templateBuilder.SetSubject(subject);
}
return this;
@@ -54,7 +52,7 @@ namespace Org.BouncyCastle.Cmp
public RevocationDetails Build()
{
- return new RevocationDetails(new RevDetails(_templateBuilder.Build()));
+ return new RevocationDetails(new RevDetails(m_templateBuilder.Build()));
}
}
}
\ No newline at end of file
diff --git a/crypto/test/src/cmp/test/ProtectedMessageTest.cs b/crypto/test/src/cmp/test/ProtectedMessageTest.cs
index b66e11bac..7f6001d81 100644
--- a/crypto/test/src/cmp/test/ProtectedMessageTest.cs
+++ b/crypto/test/src/cmp/test/ProtectedMessageTest.cs
@@ -22,7 +22,8 @@ using Org.BouncyCastle.X509;
namespace Org.BouncyCastle.Cmp.Tests
{
[TestFixture]
- public class ProtectedMessageTest : SimpleTest
+ public class ProtectedMessageTest
+ : SimpleTest
{
public override string Name
{
@@ -39,87 +40,57 @@ namespace Org.BouncyCastle.Cmp.Tests
TestSampleCr();
}
- // [Test]
- // public void TestServerSideKey()
- // {
- // RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator();
- // rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100));
- // AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair();
- //
- // TestCertBuilder builder = new TestCertBuilder()
- // {
- // Issuer = new X509Name("CN=Test"),
- // Subject = new X509Name("CN=Test"),
- // NotBefore = DateTime.UtcNow.AddDays(-1),
- // NotAfter = DateTime.UtcNow.AddDays(1),
- // PublicKey = rsaKeyPair.Public,
- // SignatureAlgorithm = "MD5WithRSAEncryption"
- // };
- //
- // builder.AddAttribute(X509Name.C, "Foo");
- // X509Certificate cert = builder.Build(rsaKeyPair.Private);
- //
- // GeneralName sender = new GeneralName(new X509Name("CN=Sender"));
- // GeneralName recipient = new GeneralName(new X509Name("CN=Recip"));
- //
- //
- //
- // }
+ //[Test]
+ //public void TestServerSideKey()
+ //{
+ // RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator();
+ // rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 512, 100));
+ // AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair();
+
+ // TestCertBuilder builder = new TestCertBuilder()
+ // {
+ // Issuer = new X509Name("CN=Test"),
+ // Subject = new X509Name("CN=Test"),
+ // NotBefore = DateTime.UtcNow.AddDays(-1),
+ // NotAfter = DateTime.UtcNow.AddDays(1),
+ // PublicKey = rsaKeyPair.Public,
+ // SignatureAlgorithm = "MD5WithRSAEncryption",
+ // };
+ // builder.AddAttribute(X509Name.C, "Foo");
+ // X509Certificate cert = builder.Build(rsaKeyPair.Private);
+
+ // GeneralName sender = new GeneralName(new X509Name("CN=Sender"));
+ // GeneralName recipient = new GeneralName(new X509Name("CN=Recip"));
+ //}
[Test]
public void TestNotBeforeNotAfter()
{
RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator();
- rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100));
+ rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 512, 100));
AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair();
- DoNotBeforeNotAfterTest(rsaKeyPair, MakeUtcDateTime(1, 1, 1, 0, 0, 1), MakeUtcDateTime(1, 1, 1, 0, 0, 10));
- DoNotBeforeNotAfterTest(rsaKeyPair, null, MakeUtcDateTime(1, 1, 1, 0, 0, 10));
- DoNotBeforeNotAfterTest(rsaKeyPair, MakeUtcDateTime(1, 1, 1, 0, 0, 1), null);
- }
-
- private void DoNotBeforeNotAfterTest(AsymmetricCipherKeyPair kp, DateTime? notBefore, DateTime? notAfter)
- {
- CertificateRequestMessageBuilder builder = new CertificateRequestMessageBuilder(BigInteger.One)
- .SetPublicKey(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(kp.Public))
- .SetProofOfPossessionSubsequentMessage(SubsequentMessage.encrCert);
-
- builder.SetValidity(notBefore, notAfter);
- CertificateRequestMessage msg = builder.Build();
-
- if (notBefore != null)
- {
- IsTrue("NotBefore did not match", notBefore.Equals(msg.GetCertTemplate().Validity.NotBefore.ToDateTime()));
- }
- else
- {
- Assert.IsNull(msg.GetCertTemplate().Validity.NotBefore);
- }
-
- if (notAfter != null)
- {
- IsTrue("NotAfter did not match", notAfter.Equals(msg.GetCertTemplate().Validity.NotAfter.ToDateTime()));
- }
- else
- {
- Assert.IsNull(msg.GetCertTemplate().Validity.NotAfter);
- }
+ ImplNotBeforeNotAfterTest(rsaKeyPair, MakeUtcDateTime(1, 1, 1, 0, 0, 1), MakeUtcDateTime(1, 1, 1, 0, 0, 10));
+ ImplNotBeforeNotAfterTest(rsaKeyPair, null, MakeUtcDateTime(1, 1, 1, 0, 0, 10));
+ ImplNotBeforeNotAfterTest(rsaKeyPair, MakeUtcDateTime(1, 1, 1, 0, 0, 1), null);
}
[Test]
public void TestSubsequentMessage()
{
RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator();
- rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100));
+ rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 512, 100));
AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair();
- TestCertBuilder builder = new TestCertBuilder();
- builder.NotBefore = DateTime.UtcNow.AddDays(-1);
- builder.NotAfter = DateTime.UtcNow.AddDays(1);
- builder.PublicKey = rsaKeyPair.Public;
- builder.SignatureAlgorithm = "Sha1WithRSAEncryption";
-
+ TestCertBuilder builder = new TestCertBuilder()
+ {
+ NotBefore = DateTime.UtcNow.AddDays(-1),
+ NotAfter = DateTime.UtcNow.AddDays(1),
+ PublicKey = rsaKeyPair.Public,
+ SignatureAlgorithm = "Sha1WithRSAEncryption",
+ };
X509Certificate cert = builder.Build(rsaKeyPair.Private);
+
GeneralName user = new GeneralName(new X509Name("CN=Test"));
CertificateRequestMessageBuilder crmBuiler = new CertificateRequestMessageBuilder(BigInteger.One)
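Review bot: The RSA modulus for the test keys drops from 2048 to 512 bits here and in the later hunks for `TestConfirmationMessage`, `TestProtectedMessage` and `TestMacProtectedMessage`, with nothing in the code explaining why. Presumably the goal is faster key generation. A shared constant such as `private const int TestRsaKeySize = 512; // test-only: far too small for real use` would keep the literal from being copied into non-test code, and would give one place to raise it if small keys are ever rejected. `TestSubsequentMessage` continues past the end of this hunk.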
@@ -162,15 +133,16 @@ namespace Org.BouncyCastle.Cmp.Tests
public void TestConfirmationMessage()
{
RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator();
- rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100));
+ rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 512, 100));
AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair();
- TestCertBuilder builder = new TestCertBuilder();
- builder.NotBefore = DateTime.UtcNow.AddDays(-1);
- builder.NotAfter = DateTime.UtcNow.AddDays(1);
- builder.PublicKey = rsaKeyPair.Public;
- builder.SignatureAlgorithm = "Sha1WithRSAEncryption";
-
+ TestCertBuilder builder = new TestCertBuilder()
+ {
+ NotBefore = DateTime.UtcNow.AddDays(-1),
+ NotAfter = DateTime.UtcNow.AddDays(1),
+ PublicKey = rsaKeyPair.Public,
+ SignatureAlgorithm = "Sha1WithRSAEncryption",
+ };
builder.AddAttribute(X509Name.C, "Foo");
X509Certificate cert = builder.Build(rsaKeyPair.Private);
@@ -190,7 +162,7 @@ namespace Org.BouncyCastle.Cmp.Tests
IVerifierFactory verifierFactory = new Asn1VerifierFactory("MD5WithRSA", rsaKeyPair.Public);
- IsTrue("PKIMessage must verify (MD5withRSA)", msg.Verify(verifierFactory));
+ IsTrue("PkiMessage must verify (MD5withRSA)", msg.Verify(verifierFactory));
IsEquals(sender, msg.Header.Sender);
IsEquals(recipient, msg.Header.Recipient);
@@ -205,15 +177,16 @@ namespace Org.BouncyCastle.Cmp.Tests
public void TestProtectedMessage()
{
RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator();
- rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100));
+ rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 512, 100));
AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair();
- TestCertBuilder builder = new TestCertBuilder();
- builder.NotBefore = DateTime.UtcNow.AddDays(-1);
- builder.NotAfter = DateTime.UtcNow.AddDays(1);
- builder.PublicKey = rsaKeyPair.Public;
- builder.SignatureAlgorithm = "Sha1WithRSAEncryption";
-
+ TestCertBuilder builder = new TestCertBuilder()
+ {
+ NotBefore = DateTime.UtcNow.AddDays(-1),
+ NotAfter = DateTime.UtcNow.AddDays(1),
+ PublicKey = rsaKeyPair.Public,
+ SignatureAlgorithm = "Sha1WithRSAEncryption",
+ };
builder.AddAttribute(X509Name.C, "Foo");
X509Certificate cert = builder.Build(rsaKeyPair.Private);
@@ -232,23 +205,24 @@ namespace Org.BouncyCastle.Cmp.Tests
IVerifierFactory verifierFactory = new Asn1VerifierFactory("MD5WithRSA", rsaKeyPair.Public);
- IsTrue("PKIMessage must verify (MD5withRSA)", msg.Verify(verifierFactory));
+ IsTrue("PkiMessage must verify (MD5withRSA)", msg.Verify(verifierFactory));
}
[Test]
public void TestMacProtectedMessage()
{
RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator();
- rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048,
+ rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 512,
100));
AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair();
- TestCertBuilder builder = new TestCertBuilder();
- builder.NotBefore = DateTime.UtcNow.AddDays(-1);
- builder.NotAfter = DateTime.UtcNow.AddDays(1);
- builder.PublicKey = rsaKeyPair.Public;
- builder.SignatureAlgorithm = "Sha1WithRSAEncryption";
-
+ TestCertBuilder builder = new TestCertBuilder()
+ {
+ NotBefore = DateTime.UtcNow.AddDays(-1),
+ NotAfter = DateTime.UtcNow.AddDays(1),
+ PublicKey = rsaKeyPair.Public,
+ SignatureAlgorithm = "Sha1WithRSAEncryption",
+ };
builder.AddAttribute(X509Name.C, "Foo");
X509Certificate cert = builder.Build(rsaKeyPair.Private);
@@ -276,24 +250,24 @@ namespace Org.BouncyCastle.Cmp.Tests
// Test with content generated by BC-JAVA version.
//
- ICipherParameters publicKey = PublicKeyFactory.CreateKey(Hex.Decode(
- "305c300d06092a864886f70d0101010500034b003048024100ac1e59ba5f96" +
- "ba86c86e6d8bbfd43ece04265fa29e6ebdb320388b58af365d05b26970cbd2" +
- "6e5b0fa7df2074b90b42a1d16ab270cdb851b53e464b87f683774502030100" +
- "01"));
- ICipherParameters privateKey = PrivateKeyFactory.CreateKey(Hex.Decode(
- "30820155020100300d06092a864886f70d01010105000482013f3082013b02" +
- "0100024100ac1e59ba5f96ba86c86e6d8bbfd43ece04265fa29e6ebdb32038" +
- "8b58af365d05b26970cbd26e5b0fa7df2074b90b42a1d16ab270cdb851b53e" +
- "464b87f68377450203010001024046f3f208570c735349bfe00fdaa1fbcc00" +
- "c0f2eebe42279876a168ac43fa74a8cdf9a1bb49066c07cfcfa7196f69f2b9" +
- "419d378109db967891428c50273dcc37022100d488dc3fb86f404d726a8166" +
- "b2a9aba9bee12fdbf38470a62403a2a20bad0977022100cf51874e479b141f" +
- "9915533bf54d68f1940f84d7fe6130538ff01a23e3493423022100986f94f1" +
- "0afa9837341219bfabf32fd16ebb9a94fa630a5ccf45e036b383275f02201b" +
- "6dff07f563684b31f6e757548254733a12bf91d05f4d8490d3c4b1a0ddcb9f" +
- "02210087c3b2049e9a3edfc4cb40a3a275dabf7ffff80b467157e384603042" +
- "3fe91d68"));
+ //ICipherParameters publicKey = PublicKeyFactory.CreateKey(Hex.Decode(
+ // "305c300d06092a864886f70d0101010500034b003048024100ac1e59ba5f96" +
+ // "ba86c86e6d8bbfd43ece04265fa29e6ebdb320388b58af365d05b26970cbd2" +
+ // "6e5b0fa7df2074b90b42a1d16ab270cdb851b53e464b87f683774502030100" +
+ // "01"));
+ //ICipherParameters privateKey = PrivateKeyFactory.CreateKey(Hex.Decode(
+ // "30820155020100300d06092a864886f70d01010105000482013f3082013b02" +
+ // "0100024100ac1e59ba5f96ba86c86e6d8bbfd43ece04265fa29e6ebdb32038" +
+ // "8b58af365d05b26970cbd26e5b0fa7df2074b90b42a1d16ab270cdb851b53e" +
+ // "464b87f68377450203010001024046f3f208570c735349bfe00fdaa1fbcc00" +
+ // "c0f2eebe42279876a168ac43fa74a8cdf9a1bb49066c07cfcfa7196f69f2b9" +
+ // "419d378109db967891428c50273dcc37022100d488dc3fb86f404d726a8166" +
+ // "b2a9aba9bee12fdbf38470a62403a2a20bad0977022100cf51874e479b141f" +
+ // "9915533bf54d68f1940f84d7fe6130538ff01a23e3493423022100986f94f1" +
+ // "0afa9837341219bfabf32fd16ebb9a94fa630a5ccf45e036b383275f02201b" +
+ // "6dff07f563684b31f6e757548254733a12bf91d05f4d8490d3c4b1a0ddcb9f" +
+ // "02210087c3b2049e9a3edfc4cb40a3a275dabf7ffff80b467157e384603042" +
+ // "3fe91d68"));
byte[] ind = Hex.Decode(
"308201ac306e020102a4133011310f300d06035504030c0653656e646572a4" +
@@ -317,54 +291,53 @@ namespace Org.BouncyCastle.Cmp.Tests
IsTrue(pkiMsg.Verify(new PKMacBuilder().SetParameters(pbmParameters), "secret".ToCharArray()));
}
+
+ private void ImplNotBeforeNotAfterTest(AsymmetricCipherKeyPair kp, DateTime? notBefore, DateTime? notAfter)
+ {
+ CertificateRequestMessageBuilder builder = new CertificateRequestMessageBuilder(BigInteger.One)
+ .SetPublicKey(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(kp.Public))
+ .SetProofOfPossessionSubsequentMessage(SubsequentMessage.encrCert);
+
+ builder.SetValidity(notBefore, notAfter);
+ CertificateRequestMessage msg = builder.Build();
+
+ if (notBefore != null)
+ {
+ IsTrue("NotBefore did not match", notBefore.Equals(msg.GetCertTemplate().Validity.NotBefore.ToDateTime()));
+ }
+ else
+ {
+ Assert.IsNull(msg.GetCertTemplate().Validity.NotBefore);
+ }
+
+ if (notAfter != null)
+ {
+ IsTrue("NotAfter did not match", notAfter.Equals(msg.GetCertTemplate().Validity.NotAfter.ToDateTime()));
+ }
+ else
+ {
+ Assert.IsNull(msg.GetCertTemplate().Validity.NotAfter);
+ }
+ }
}
public class TestCertBuilder
{
- IDictionary<DerObjectIdentifier, string> attrs = new Dictionary<DerObjectIdentifier, string>();
- IList<DerObjectIdentifier> ord = new List<DerObjectIdentifier>();
- IList<string> values = new List<string>();
+ private readonly Dictionary<DerObjectIdentifier, string> attrs = new Dictionary<DerObjectIdentifier, string>();
+ private readonly List<DerObjectIdentifier> ord = new List<DerObjectIdentifier>();
+ private readonly List<string> values = new List<string>();
- private DateTime notBefore, notAfter;
- private AsymmetricKeyParameter publicKey;
- private string signatureAlgorithm;
- private X509Name issuer, subject;
+ public DateTime NotBefore { get; set; }
- public DateTime NotBefore
- {
- get { return notBefore; }
- set { this.notBefore = value; }
- }
+ public DateTime NotAfter { get; set; }
- public DateTime NotAfter
- {
- get { return notAfter; }
- set { this.notAfter = value; }
- }
+ public AsymmetricKeyParameter PublicKey { get; set; }
- public AsymmetricKeyParameter PublicKey
- {
- get { return publicKey; }
- set { this.publicKey = value; }
- }
+ public string SignatureAlgorithm { get; set; }
- public string SignatureAlgorithm
- {
- get { return signatureAlgorithm; }
- set { this.signatureAlgorithm = value; }
- }
+ public X509Name Issuer { get; set; }
- public X509Name Issuer
- {
- get { return issuer; }
- set { this.issuer = value; }
- }
-
- public X509Name Subject
- {
- get { return subject; }
- set { this.subject = value; }
- }
+ public X509Name Subject { get; set; }
public TestCertBuilder AddAttribute(DerObjectIdentifier name, string value)
{
|