summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--crypto/src/cms/KeyTransRecipientInfoGenerator.cs5
-rw-r--r--crypto/src/crmf/PKIArchiveControlBuilder.cs11
-rw-r--r--crypto/src/crypto/operators/Asn1KeyWrapper.cs94
3 files changed, 57 insertions, 53 deletions
diff --git a/crypto/src/cms/KeyTransRecipientInfoGenerator.cs b/crypto/src/cms/KeyTransRecipientInfoGenerator.cs
index b18d18153..23b06d3b3 100644
--- a/crypto/src/cms/KeyTransRecipientInfoGenerator.cs
+++ b/crypto/src/cms/KeyTransRecipientInfoGenerator.cs
@@ -73,14 +73,11 @@ namespace Org.BouncyCastle.Cms
 
         public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random)
         {
-            byte[] keyBytes = contentEncryptionKey.GetKey();
             AlgorithmIdentifier keyEncryptionAlgorithm = this.AlgorithmDetails;
 
             this.random = random;
 
-            IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionAlgorithm.Algorithm.Id);
-            keyWrapper.Init(true, new ParametersWithRandom(recipientPublicKey, random));
-            byte[] encryptedKeyBytes = keyWrapper.Wrap(keyBytes, 0, keyBytes.Length);
+            byte[] encryptedKeyBytes = GenerateWrappedKey(contentEncryptionKey);
 
             RecipientIdentifier recipId;
             if (recipientTbsCert != null)
diff --git a/crypto/src/crmf/PKIArchiveControlBuilder.cs b/crypto/src/crmf/PKIArchiveControlBuilder.cs
index f43ecd4ec..2677e4e0d 100644
--- a/crypto/src/crmf/PKIArchiveControlBuilder.cs
+++ b/crypto/src/crmf/PKIArchiveControlBuilder.cs
@@ -9,7 +9,7 @@ using Org.BouncyCastle.Crypto;
 
 namespace Org.BouncyCastle.Crmf
 {
-    public class PKIArchiveControlBuilder
+    public class PkiArchiveControlBuilder
     {
         private CmsEnvelopedDataGenerator envGen;
         private CmsProcessableByteArray keyContent;
@@ -20,7 +20,7 @@ namespace Org.BouncyCastle.Crmf
         /// <param name="privateKeyInfo">the private key to be archived.</param>
         /// <param name="generalName">the general name to be associated with the private key.</param>
         ///
-        public PKIArchiveControlBuilder(PrivateKeyInfo privateKeyInfo, GeneralName generalName)
+        public PkiArchiveControlBuilder(PrivateKeyInfo privateKeyInfo, GeneralName generalName)
         {
             EncKeyWithID encKeyWithID = new EncKeyWithID(privateKeyInfo, generalName);
 
@@ -35,14 +35,11 @@ namespace Org.BouncyCastle.Crmf
 
             this.envGen = new CmsEnvelopedDataGenerator();
         }
-        
-
-
 
         ///<summary>Add a recipient generator to this control.</summary>       
         ///<param name="recipientGen"> recipient generator created for a specific recipient.</param>
         ///<returns>this builder object.</returns>       
-        public PKIArchiveControlBuilder AddRecipientGenerator(RecipientInfoGenerator recipientGen)
+        public PkiArchiveControlBuilder AddRecipientGenerator(RecipientInfoGenerator recipientGen)
         {
             envGen.AddRecipientInfoGenerator(recipientGen);
             return this;
@@ -56,6 +53,6 @@ namespace Org.BouncyCastle.Crmf
             CmsEnvelopedData envContent = envGen.Generate(keyContent, contentEncryptor);
             EnvelopedData envD = EnvelopedData.GetInstance(envContent.ContentInfo.Content);        
             return new PkiArchiveControl(new PkiArchiveOptions(new EncryptedKey(envD)));
+        }
     }
-}
 }
\ No newline at end of file
diff --git a/crypto/src/crypto/operators/Asn1KeyWrapper.cs b/crypto/src/crypto/operators/Asn1KeyWrapper.cs
index 38f287daa..6e608b94b 100644
--- a/crypto/src/crypto/operators/Asn1KeyWrapper.cs
+++ b/crypto/src/crypto/operators/Asn1KeyWrapper.cs
@@ -10,11 +10,36 @@ using Org.BouncyCastle.Crypto.Digests;
 using Org.BouncyCastle.Crypto.Encodings;
 using Org.BouncyCastle.Crypto.Engines;
 using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Nist;
 
 namespace Org.BouncyCastle.Crypto.Operators
 {
+    public class Asn1KeyWrapper : IKeyWrapper
+    {
+        private X509Certificate cert;
+        private string algorithm;
+        private IKeyWrapper wrapper;
+
+        public Asn1KeyWrapper(string algorithm, X509Certificate cert)
+        {
+            this.algorithm = algorithm;
+            this.cert = cert;
+            wrapper = KeyWrapperUtil.WrapperForName(algorithm);
+        }
+
+        public object AlgorithmDetails
+        {
+            get { return wrapper.AlgorithmDetails; }
+        }
+
+        public IBlockResult Wrap(byte[] keyData)
+        {
+            return wrapper.Wrap(keyData);
+        }
+    }
 
-    public class KeyWrapperUtil
+    internal class KeyWrapperUtil
     {
         //
         // Provider 
@@ -23,8 +48,11 @@ namespace Org.BouncyCastle.Crypto.Operators
 
         static KeyWrapperUtil()
         {
-            providerMap["RSA/NONE/OAEPPADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_None_OaepPadding);
-            providerMap["RSA/NONE/OAEPWITHSHA256ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_None_OaepWithSha256andMGF1Padding);
+            providerMap["RSA/NONE/OAEPWITHSHA1ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha1_Oaep);
+            providerMap["RSA/NONE/OAEPWITHSHA224ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha224_Oaep);
+            providerMap["RSA/NONE/OAEPWITHSHA256ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha256_Oaep);
+            providerMap["RSA/NONE/OAEPWITHSHA384ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha384_Oaep);
+            providerMap["RSA/NONE/OAEPWITHSHA512ANDMGF1PADDING"] = new WrapperCreator(RsaOaepWrapper.Rsa_Sha512_Oaep);
         }
 
         public static IKeyWrapper WrapperForName(string algorithm)
@@ -39,45 +67,18 @@ namespace Org.BouncyCastle.Crypto.Operators
             return (IKeyWrapper)provider.createWrapper();
         }
 
-        public static IKeyUnwrapper UnWrapperForName(string algorithm)
+        public static IKeyUnwrapper UnwrapperForName(string algorithm)
         {
             WrapperProvider provider = (WrapperProvider)providerMap[Strings.ToUpperCase(algorithm)];
             if (provider == null)
             {
-                throw new ArgumentException("could not resolve " + algorithm + " to a KeyUnWrapper");
+                throw new ArgumentException("could not resolve " + algorithm + " to a KeyUnwrapper");
             }
 
             return (IKeyUnwrapper)provider.createWrapper();
         }
     }
 
-
-    public class Asn1KeyWrapper : IKeyWrapper
-    {
-        private X509Certificate cert;
-        private string algorithm;
-        private IKeyWrapper wrapper;
-
-
-
-        public Asn1KeyWrapper(string algorithm, X509Certificate cert)
-        {
-            this.algorithm = algorithm;
-            this.cert = cert;
-            wrapper = KeyWrapperUtil.WrapperForName(algorithm);
-        }
-
-        public object AlgorithmDetails
-        {
-            get { return wrapper.AlgorithmDetails; }
-        }
-
-        public IBlockResult Wrap(byte[] keyData)
-        {
-            return wrapper.Wrap(keyData);
-        }
-    }
-
     internal delegate object WrapperCreatorDelegate();
 
     /// <summary>
@@ -92,40 +93,48 @@ namespace Org.BouncyCastle.Crypto.Operators
             this.creator = creator;
         }
 
-
         public object createWrapper()
         {
             return this.creator.Invoke();
         }
     }
 
-
-
     internal interface WrapperProvider
     {
         object createWrapper();
     }
 
-
-
     internal class RsaOaepWrapper : IKeyWrapper, IKeyUnwrapper
     {
+        internal static object Rsa_Sha1_Oaep()
+        {
+            return new RsaOaepWrapper(OiwObjectIdentifiers.IdSha1, new Sha1Digest());
+        }
 
-        internal static object Rsa_None_OaepPadding()
+        internal static object Rsa_Sha224_Oaep()
         {
-            return new RsaOaepWrapper(new Sha1Digest(), PkcsObjectIdentifiers.IdRsaesOaep);
+            return new RsaOaepWrapper(NistObjectIdentifiers.IdSha224, new Sha224Digest());
         }
 
-        internal static object Rsa_None_OaepWithSha256andMGF1Padding()
+        internal static object Rsa_Sha256_Oaep()
         {
-            return new RsaOaepWrapper(new Sha256Digest(), PkcsObjectIdentifiers.IdRsaesOaep);
+            return new RsaOaepWrapper(NistObjectIdentifiers.IdSha256, new Sha256Digest());
         }
 
+        internal static object Rsa_Sha384_Oaep()
+        {
+            return new RsaOaepWrapper(NistObjectIdentifiers.IdSha384, new Sha384Digest());
+        }
+
+        internal static object Rsa_Sha512_Oaep()
+        {
+            return new RsaOaepWrapper(NistObjectIdentifiers.IdSha512, new Sha512Digest());
+        }
 
         private readonly AlgorithmIdentifier algId;
         private readonly IAsymmetricBlockCipher engine;
 
-        public RsaOaepWrapper(IDigest digest, DerObjectIdentifier digestOid)
+        public RsaOaepWrapper(DerObjectIdentifier digestOid, IDigest digest)
         {
             AlgorithmIdentifier digestAlgId = new AlgorithmIdentifier(digestOid, DerNull.Instance);
 
@@ -137,6 +146,7 @@ namespace Org.BouncyCastle.Crypto.Operators
                     RsaesOaepParameters.DefaultPSourceAlgorithm));
             this.engine = new OaepEncoding(new RsaBlindedEngine());
         }
+
         public object AlgorithmDetails
         {
             get