summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--crypto/src/cms/CMSEnvelopedGenerator.cs10
-rw-r--r--crypto/src/cms/CMSEnvelopedHelper.cs123
-rw-r--r--crypto/src/cms/KEKRecipientInfoGenerator.cs2
-rw-r--r--crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs2
-rw-r--r--crypto/src/cms/PasswordRecipientInfoGenerator.cs4
-rw-r--r--crypto/src/cms/SignerInformation.cs2
-rw-r--r--crypto/src/util/Platform.cs5
7 files changed, 64 insertions, 84 deletions
diff --git a/crypto/src/cms/CMSEnvelopedGenerator.cs b/crypto/src/cms/CMSEnvelopedGenerator.cs
index eef572878..22a999766 100644
--- a/crypto/src/cms/CMSEnvelopedGenerator.cs
+++ b/crypto/src/cms/CMSEnvelopedGenerator.cs
@@ -6,6 +6,7 @@ using Org.BouncyCastle.Asn1.Cms;
 using Org.BouncyCastle.Asn1.Kisa;
 using Org.BouncyCastle.Asn1.Nist;
 using Org.BouncyCastle.Asn1.Ntt;
+using Org.BouncyCastle.Asn1.Oiw;
 using Org.BouncyCastle.Asn1.Pkcs;
 using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.Asn1.X9;
@@ -74,14 +75,21 @@ namespace Org.BouncyCastle.Cms
 //		};
 
 
-		// TODO Create named constants for all of these
+		public static readonly string DesCbc			= OiwObjectIdentifiers.DesCbc.Id;
 		public static readonly string DesEde3Cbc		= PkcsObjectIdentifiers.DesEde3Cbc.Id;
 		public static readonly string RC2Cbc			= PkcsObjectIdentifiers.RC2Cbc.Id;
+		// TODO[api] Change these to static readonly (and ideally find actual OIDs)
 		public const string IdeaCbc						= "1.3.6.1.4.1.188.7.1.1.2";
 		public const string Cast5Cbc					= "1.2.840.113533.7.66.10";
 		public static readonly string Aes128Cbc			= NistObjectIdentifiers.IdAes128Cbc.Id;
 		public static readonly string Aes192Cbc			= NistObjectIdentifiers.IdAes192Cbc.Id;
 		public static readonly string Aes256Cbc			= NistObjectIdentifiers.IdAes256Cbc.Id;
+		public static readonly string Aes128Ccm			= NistObjectIdentifiers.IdAes128Ccm.Id;
+		public static readonly string Aes192Ccm			= NistObjectIdentifiers.IdAes192Ccm.Id;
+		public static readonly string Aes256Ccm			= NistObjectIdentifiers.IdAes256Ccm.Id;
+		public static readonly string Aes128Gcm			= NistObjectIdentifiers.IdAes128Gcm.Id;
+		public static readonly string Aes192Gcm			= NistObjectIdentifiers.IdAes192Gcm.Id;
+		public static readonly string Aes256Gcm			= NistObjectIdentifiers.IdAes256Gcm.Id;
 		public static readonly string Camellia128Cbc	= NttObjectIdentifiers.IdCamellia128Cbc.Id;
 		public static readonly string Camellia192Cbc	= NttObjectIdentifiers.IdCamellia192Cbc.Id;
 		public static readonly string Camellia256Cbc	= NttObjectIdentifiers.IdCamellia256Cbc.Id;
diff --git a/crypto/src/cms/CMSEnvelopedHelper.cs b/crypto/src/cms/CMSEnvelopedHelper.cs
index 888aba817..40c5e6868 100644
--- a/crypto/src/cms/CMSEnvelopedHelper.cs
+++ b/crypto/src/cms/CMSEnvelopedHelper.cs
@@ -13,91 +13,36 @@ using Org.BouncyCastle.Utilities.IO;
 
 namespace Org.BouncyCastle.Cms
 {
-	class CmsEnvelopedHelper
+	// TODO[api] Make static
+	internal class CmsEnvelopedHelper
 	{
 		internal static readonly CmsEnvelopedHelper Instance = new CmsEnvelopedHelper();
 
-		private static readonly IDictionary<string, int> KeySizes = new Dictionary<string, int>();
-		private static readonly IDictionary<string, string> BaseCipherNames = new Dictionary<string, string>();
+		private static readonly Dictionary<string, int> KeySizes = new Dictionary<string, int>();
+		private static readonly Dictionary<string, string> Rfc3211WrapperNames = new Dictionary<string, string>();
 
 		static CmsEnvelopedHelper()
 		{
-			KeySizes.Add(CmsEnvelopedGenerator.DesEde3Cbc, 192);
 			KeySizes.Add(CmsEnvelopedGenerator.Aes128Cbc, 128);
 			KeySizes.Add(CmsEnvelopedGenerator.Aes192Cbc, 192);
 			KeySizes.Add(CmsEnvelopedGenerator.Aes256Cbc, 256);
-
-			BaseCipherNames.Add(CmsEnvelopedGenerator.DesEde3Cbc,  "DESEDE");
-			BaseCipherNames.Add(CmsEnvelopedGenerator.Aes128Cbc,  "AES");
-			BaseCipherNames.Add(CmsEnvelopedGenerator.Aes192Cbc,  "AES");
-			BaseCipherNames.Add(CmsEnvelopedGenerator.Aes256Cbc,  "AES");
-		}
-
-		private string GetAsymmetricEncryptionAlgName(
-			string encryptionAlgOid)
-		{
-			if (Asn1.Pkcs.PkcsObjectIdentifiers.RsaEncryption.Id.Equals(encryptionAlgOid))
-			{
-				return "RSA/ECB/PKCS1Padding";
-			}
-
-			return encryptionAlgOid;
-		}
-
-		internal IBufferedCipher CreateAsymmetricCipher(
-			string encryptionOid)
-		{
-			string asymName = GetAsymmetricEncryptionAlgName(encryptionOid);
-			if (!asymName.Equals(encryptionOid))
-			{
-				try
-				{
-					return CipherUtilities.GetCipher(asymName);
-				}
-				catch (SecurityUtilityException)
-				{
-					// Ignore
-				}
-			}
-			return CipherUtilities.GetCipher(encryptionOid);
-		}
-
-		internal IWrapper CreateWrapper(
-			string encryptionOid)
-		{
-			try
-			{
-				return WrapperUtilities.GetWrapper(encryptionOid);
-			}
-			catch (SecurityUtilityException)
-			{
-				return WrapperUtilities.GetWrapper(GetAsymmetricEncryptionAlgName(encryptionOid));
-			}
-		}
-
-		internal string GetRfc3211WrapperName(string oid)
-		{
-			if (oid == null)
-				throw new ArgumentNullException(nameof(oid));
-
-			if (!BaseCipherNames.TryGetValue(oid, out var alg))
-				throw new ArgumentException("no name for " + oid, nameof(oid));
-
-			return alg + "RFC3211Wrap";
-		}
-
-		internal int GetKeySize(string oid)
-		{
-			if (oid == null)
-				throw new ArgumentNullException(nameof(oid));
-
-			if (!KeySizes.TryGetValue(oid, out var keySize))
-				throw new ArgumentException("no keysize for " + oid, "oid");
-
-			return keySize;
-		}
-
-		internal static RecipientInformationStore BuildRecipientInformationStore(
+            KeySizes.Add(CmsEnvelopedGenerator.Camellia128Cbc, 128);
+            KeySizes.Add(CmsEnvelopedGenerator.Camellia192Cbc, 192);
+            KeySizes.Add(CmsEnvelopedGenerator.Camellia256Cbc, 256);
+            KeySizes.Add(CmsEnvelopedGenerator.DesCbc, 64);
+            KeySizes.Add(CmsEnvelopedGenerator.DesEde3Cbc, 192);
+
+            Rfc3211WrapperNames.Add(CmsEnvelopedGenerator.Aes128Cbc, "AESRFC3211WRAP");
+            Rfc3211WrapperNames.Add(CmsEnvelopedGenerator.Aes192Cbc, "AESRFC3211WRAP");
+            Rfc3211WrapperNames.Add(CmsEnvelopedGenerator.Aes256Cbc, "AESRFC3211WRAP");
+            Rfc3211WrapperNames.Add(CmsEnvelopedGenerator.Camellia128Cbc, "CAMELLIARFC3211WRAP");
+            Rfc3211WrapperNames.Add(CmsEnvelopedGenerator.Camellia192Cbc, "CAMELLIARFC3211WRAP");
+            Rfc3211WrapperNames.Add(CmsEnvelopedGenerator.Camellia256Cbc, "CAMELLIARFC3211WRAP");
+            Rfc3211WrapperNames.Add(CmsEnvelopedGenerator.DesCbc, "DESRFC3211WRAP");
+            Rfc3211WrapperNames.Add(CmsEnvelopedGenerator.DesEde3Cbc, "DESEDERFC3211WRAP");
+        }
+
+        internal static RecipientInformationStore BuildRecipientInformationStore(
 			Asn1Set recipientInfos, CmsSecureReadable secureReadable)
 		{
 			var infos = new List<RecipientInformation>();
@@ -110,7 +55,29 @@ namespace Org.BouncyCastle.Cms
 			return new RecipientInformationStore(infos);
 		}
 
-		private static void ReadRecipientInfo(IList<RecipientInformation> infos, RecipientInfo info,
+        internal int GetKeySize(string oid)
+        {
+            if (oid == null)
+                throw new ArgumentNullException(nameof(oid));
+
+            if (!KeySizes.TryGetValue(oid, out var keySize))
+                throw new ArgumentException("no key size for " + oid, nameof(oid));
+
+            return keySize;
+        }
+
+        internal string GetRfc3211WrapperName(string oid)
+        {
+            if (oid == null)
+                throw new ArgumentNullException(nameof(oid));
+
+            if (!Rfc3211WrapperNames.TryGetValue(oid, out var name))
+                throw new ArgumentException("no name for " + oid, nameof(oid));
+
+            return name;
+        }
+
+        private static void ReadRecipientInfo(IList<RecipientInformation> infos, RecipientInfo info,
 			CmsSecureReadable secureReadable)
 		{
 			Asn1Encodable recipInfo = info.Info;
@@ -304,4 +271,4 @@ namespace Org.BouncyCastle.Cms
 			}
 		}
 	}
-}
\ No newline at end of file
+}
diff --git a/crypto/src/cms/KEKRecipientInfoGenerator.cs b/crypto/src/cms/KEKRecipientInfoGenerator.cs
index 6f34fec43..d8075d450 100644
--- a/crypto/src/cms/KEKRecipientInfoGenerator.cs
+++ b/crypto/src/cms/KEKRecipientInfoGenerator.cs
@@ -53,7 +53,7 @@ namespace Org.BouncyCastle.Cms
 		{
 			byte[] keyBytes = contentEncryptionKey.GetKey();
 
-            IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionAlgorithm.Algorithm.Id);
+            IWrapper keyWrapper = WrapperUtilities.GetWrapper(keyEncryptionAlgorithm.Algorithm.Id);
 			keyWrapper.Init(true, new ParametersWithRandom(keyEncryptionKey, random));
         	Asn1OctetString encryptedKey = new DerOctetString(
 				keyWrapper.Wrap(keyBytes, 0, keyBytes.Length));
diff --git a/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs b/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs
index c7c7f563f..f74365571 100644
--- a/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs
+++ b/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs
@@ -133,7 +133,7 @@ namespace Org.BouncyCastle.Cms
 					keyEncryptionOID, keyEncryptionKeyBytes);
 
 				// Wrap the content encryption key with the agreement key
-				IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionOID.Id);
+				IWrapper keyWrapper = WrapperUtilities.GetWrapper(keyEncryptionOID.Id);
 				keyWrapper.Init(true, new ParametersWithRandom(keyEncryptionKey, random));
 				byte[] encryptedKeyBytes = keyWrapper.Wrap(keyBytes, 0, keyBytes.Length);
 
diff --git a/crypto/src/cms/PasswordRecipientInfoGenerator.cs b/crypto/src/cms/PasswordRecipientInfoGenerator.cs
index 9916edfc4..5bbf8f727 100644
--- a/crypto/src/cms/PasswordRecipientInfoGenerator.cs
+++ b/crypto/src/cms/PasswordRecipientInfoGenerator.cs
@@ -44,10 +44,10 @@ namespace Org.BouncyCastle.Cms
 			byte[] keyBytes = contentEncryptionKey.GetKey();
 
 			string rfc3211WrapperName = Helper.GetRfc3211WrapperName(keyEncryptionKeyOID);
-			IWrapper keyWrapper = Helper.CreateWrapper(rfc3211WrapperName);
+			IWrapper keyWrapper = WrapperUtilities.GetWrapper(rfc3211WrapperName);
 
 			// Note: In Java build, the IV is automatically generated in JCE layer
-			int ivLength = Platform.StartsWith(rfc3211WrapperName, "DESEDE") ? 8 : 16;
+			int ivLength = Platform.StartsWithIgnoreCase(rfc3211WrapperName, "DES") ? 8 : 16;
 			byte[] iv = new byte[ivLength];
 			random.NextBytes(iv);
 
diff --git a/crypto/src/cms/SignerInformation.cs b/crypto/src/cms/SignerInformation.cs
index 84256d9f8..4e21b1246 100644
--- a/crypto/src/cms/SignerInformation.cs
+++ b/crypto/src/cms/SignerInformation.cs
@@ -575,7 +575,7 @@ namespace Org.BouncyCastle.Cms
 			{
 				if (algorithm.Equals("RSA"))
 				{
-					IBufferedCipher c = CmsEnvelopedHelper.Instance.CreateAsymmetricCipher("RSA/ECB/PKCS1Padding");
+					IBufferedCipher c = CipherUtilities.GetCipher(Asn1.Pkcs.PkcsObjectIdentifiers.RsaEncryption);
 
 					c.Init(false, key);
 
diff --git a/crypto/src/util/Platform.cs b/crypto/src/util/Platform.cs
index e43714181..25f2c62d9 100644
--- a/crypto/src/util/Platform.cs
+++ b/crypto/src/util/Platform.cs
@@ -56,6 +56,11 @@ namespace Org.BouncyCastle.Utilities
             return InvariantCompareInfo.IsPrefix(source, prefix, CompareOptions.Ordinal);
         }
 
+        internal static bool StartsWithIgnoreCase(string source, string prefix)
+        {
+            return InvariantCompareInfo.IsPrefix(source, prefix, CompareOptions.OrdinalIgnoreCase);
+        }
+
         internal static bool EndsWith(string source, string suffix)
         {
             return InvariantCompareInfo.IsSuffix(source, suffix, CompareOptions.Ordinal);