-rw-r--r-- | crypto/src/cms/CMSSignedData.cs | 184 | ||||
-rw-r--r-- | crypto/src/cms/CMSSignedDataGenerator.cs | 7 | ||||
-rw-r--r-- | crypto/src/cms/CMSSignedGenerator.cs | 634 | ||||
-rw-r--r-- | crypto/src/cms/CMSSignedHelper.cs | 19 | ||||
-rw-r--r-- | crypto/src/cms/CMSUtils.cs | 55 | ||||
-rw-r--r-- | crypto/src/cms/SignerInformation.cs | 4 | ||||
-rw-r--r-- | crypto/src/security/SignerUtilities.cs | 4 |
7 files changed, 682 insertions, 225 deletions
diff --git a/crypto/src/cms/CMSSignedData.cs b/crypto/src/cms/CMSSignedData.cs index 5a73df4f1..bfe4705e7 100644 --- a/crypto/src/cms/CMSSignedData.cs +++ b/crypto/src/cms/CMSSignedData.cs @@ -4,6 +4,7 @@ using System.IO; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Utilities.Collections; using Org.BouncyCastle.X509; @@ -35,6 +36,8 @@ namespace Org.BouncyCastle.Cms public class CmsSignedData { private static readonly CmsSignedHelper Helper = CmsSignedHelper.Instance; + internal static readonly DefaultDigestAlgorithmIdentifierFinder DigestAlgIDFinder = + new DefaultDigestAlgorithmIdentifierFinder(); private readonly CmsProcessable signedContent; private SignedData signedData; @@ -209,11 +212,30 @@ namespace Org.BouncyCastle.Cms return Helper.GetOtherRevInfos(signedData.CRLs, otherRevInfoFormat); } - /// <summary> - /// Return the <c>DerObjectIdentifier</c> associated with the encapsulated - /// content info structure carried in the signed data. - /// </summary> - public DerObjectIdentifier SignedContentType + /** + * Return the digest algorithm identifiers for the SignedData object + * + * @return the set of digest algorithm identifiers + */ + public ISet<AlgorithmIdentifier> GetDigestAlgorithmIDs() + { + var digestAlgorithms = signedData.DigestAlgorithms; + + HashSet<AlgorithmIdentifier> result = new HashSet<AlgorithmIdentifier>(); + + foreach (var entry in digestAlgorithms) + { + result.Add(AlgorithmIdentifier.GetInstance(entry)); + } + + return CollectionUtilities.ReadOnly(result); + } + + /// <summary> + /// Return the <c>DerObjectIdentifier</c> associated with the encapsulated + /// content info structure carried in the signed data. + /// </summary> + public DerObjectIdentifier SignedContentType { get { return signedData.EncapContentInfo.ContentType; } } 
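Review bot: The new `GetDigestAlgorithmIDs()` is documented with a Javadoc-style block (`/** ... @return ... */`), while the `SignedContentType` property re-indented in the same hunk uses XML documentation comments, and `@return` is not a tag the C# documentation tooling recognises. I would write it as `/// <summary>Return the digest algorithm identifiers for the SignedData object.</summary>` followed by `/// <returns>A read-only set of the digest algorithm identifiers.</returns>`. It would also help to say there that the entries are returned as they are stored in the SignedData, since the loop only calls `AlgorithmIdentifier.GetInstance` on each one and applies no normalisation.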
@@ -249,59 +271,147 @@ namespace Org.BouncyCastle.Cms return contentInfo.GetEncoded(encoding); } - /** - * Replace the signerinformation store associated with this - * CmsSignedData object with the new one passed in. You would - * probably only want to do this if you wanted to change the unsigned - * attributes associated with a signer, or perhaps delete one. - * - * @param signedData the signed data object to be used as a base. - * @param signerInformationStore the new signer information store to use. - * @return a new signed data object. - */ - public static CmsSignedData ReplaceSigners( - CmsSignedData signedData, - SignerInformationStore signerInformationStore) + /** + * Return a new CMSSignedData which guarantees to have the passed in digestAlgorithm + * in it. Uses the current DigestAlgorithmIdentifierFinder for creating the digest sets. + * + * @param signedData the signed data object to be used as a base. + * @param digestAlgorithm the digest algorithm to be added to the signed data. + * @return a new signed data object. + */ + public static CmsSignedData AddDigestAlgorithm(CmsSignedData signedData, AlgorithmIdentifier digestAlgorithm) => + AddDigestAlgorithm(signedData, digestAlgorithm, DigestAlgIDFinder); + + /** + * Return a new CMSSignedData which guarantees to have the passed in digestAlgorithm + * in it. Uses the passed in DigestAlgorithmIdentifierFinder for creating the digest sets. + * + * @param signedData the signed data object to be used as a base. + * @param digestAlgorithm the digest algorithm to be added to the signed data. + * @param digestAlgIDFinder the digest algorithmID map to generate the digest set with. + * @return a new signed data object. 
+ */ + public static CmsSignedData AddDigestAlgorithm(CmsSignedData signedData, AlgorithmIdentifier digestAlgorithm, + DefaultDigestAlgorithmIdentifierFinder digestAlgIDFinder) { + ISet<AlgorithmIdentifier> digestAlgorithms = signedData.GetDigestAlgorithmIDs(); + AlgorithmIdentifier digestAlg = Helper.FixDigestAlgID(digestAlgorithm, digestAlgIDFinder); + // - // copy + // if the algorithm is already present there is no need to add it. // - CmsSignedData cms = new CmsSignedData(signedData); + if (digestAlgorithms.Contains(digestAlg)) + return signedData; // - // replace the store + // copy // - cms.signerInfoStore = signerInformationStore; + CmsSignedData cms = new CmsSignedData(signedData); + + // + // build up the new set + // + HashSet<AlgorithmIdentifier> digestAlgs = new HashSet<AlgorithmIdentifier>(); + + foreach (var entry in digestAlgs) + { + digestAlgs.Add(Helper.FixDigestAlgID(entry, digestAlgIDFinder)); + } + digestAlgs.Add(digestAlg); + + Asn1Set digests = CmsUtilities.ConvertToDLSet(digestAlgs); + Asn1Sequence sD = (Asn1Sequence)signedData.signedData.ToAsn1Object(); + + // + // signers are the last item in the sequence. 
+ // + Asn1EncodableVector vec = new Asn1EncodableVector(sD.Count); + vec.Add(sD[0]); // version + vec.Add(digests); + + for (int i = 2; i != sD.Count; i++) + { + vec.Add(sD[i]); + } + + cms.signedData = SignedData.GetInstance(new BerSequence(vec)); // - // replace the signers in the SignedData object + // replace the contentInfo with the new one // - var storeSigners = signerInformationStore.GetSigners(); - Asn1EncodableVector digestAlgs = new Asn1EncodableVector(storeSigners.Count); - Asn1EncodableVector vec = new Asn1EncodableVector(storeSigners.Count); - foreach (SignerInformation signer in storeSigners) + cms.contentInfo = new ContentInfo(cms.contentInfo.ContentType, cms.signedData); + + return cms; + } + + /** + * Replace the SignerInformation store associated with this CMSSignedData object with the new one passed in + * using the current DigestAlgorithmIdentifierFinder for creating the digest sets. You would probably only want + * to do this if you wanted to change the unsigned attributes associated with a signer, or perhaps delete one. + * + * @param signedData the signed data object to be used as a base. + * @param signerInformationStore the new signer information store to use. + * @return a new signed data object. + */ + public static CmsSignedData ReplaceSigners(CmsSignedData signedData, + SignerInformationStore signerInformationStore) => + ReplaceSigners(signedData, signerInformationStore, DigestAlgIDFinder); + + /** + * Replace the SignerInformation store associated with this CMSSignedData object with the new one passed in + * using the passed in DigestAlgorithmIdentifierFinder for creating the digest sets. You would probably only + * want to do this if you wanted to change the unsigned attributes associated with a signer, or perhaps delete + * one. + * + * @param signedData the signed data object to be used as a base. + * @param signerInformationStore the new signer information store to use. 
+ * @param dgstAlgIDFinder the digest algorithmID map to generate the digest set with. + * @return a new signed data object. + */ + public static CmsSignedData ReplaceSigners(CmsSignedData signedData, + SignerInformationStore signerInformationStore, DefaultDigestAlgorithmIdentifierFinder digestAlgIDFinder) + { + // + // copy + // + CmsSignedData cms = new CmsSignedData(signedData); + + // + // replace the store + // + cms.signerInfoStore = signerInformationStore; + + // + // replace the signers in the SignedData object + // + HashSet<AlgorithmIdentifier> digestAlgs = new HashSet<AlgorithmIdentifier>(); + + var signers = signerInformationStore.GetSigners(); + Asn1EncodableVector vec = new Asn1EncodableVector(signers.Count); + + foreach (var signer in signers) { - digestAlgs.Add(Helper.FixAlgID(signer.DigestAlgorithmID)); + CmsUtilities.AddDigestAlgs(digestAlgs, signer, digestAlgIDFinder); vec.Add(signer.ToSignerInfo()); } - Asn1Set digests = new DerSet(digestAlgs); - Asn1Set signers = new DerSet(vec); + Asn1Set digestSet = CmsUtilities.ConvertToDLSet(digestAlgs); + Asn1Set signerSet = DLSet.FromVector(vec); Asn1Sequence sD = (Asn1Sequence)signedData.signedData.ToAsn1Object(); - // - // signers are the last item in the sequence. - // - vec = new Asn1EncodableVector(sD.Count); - vec.Add(sD[0]); // version - vec.Add(digests); + // + // signers are the last item in the sequence. + // + vec = new Asn1EncodableVector(sD.Count); + vec.Add(sD[0]); // version + vec.Add(digestSet); for (int i = 2; i != sD.Count - 1; i++) { vec.Add(sD[i]); } - vec.Add(signers); + vec.Add(signerSet); cms.signedData = SignedData.GetInstance(new BerSequence(vec)); diff --git a/crypto/src/cms/CMSSignedDataGenerator.cs b/crypto/src/cms/CMSSignedDataGenerator.cs index 646ed2c35..015c540cd 100644 --- a/crypto/src/cms/CMSSignedDataGenerator.cs +++ b/crypto/src/cms/CMSSignedDataGenerator.cs 
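Review bot: In the three-argument `AddDigestAlgorithm`, the loop under "build up the new set" iterates the freshly created, still empty `digestAlgs` instead of the `digestAlgorithms` set read from `signedData` at the top of the method, so nothing is copied and the rebuilt SignedData lists only the newly added algorithm. The loop header should read `foreach (var entry in digestAlgorithms)`. As written, the digest algorithms used by the existing signers are dropped from the digestAlgorithms field, which may cause verifiers that decide which digests to compute from that field to fail on an otherwise valid signature. Separately, the doc comment on the three-argument `ReplaceSigners` names `@param dgstAlgIDFinder` while the parameter is `digestAlgIDFinder`.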
@@ -457,10 +457,9 @@ namespace Org.BouncyCastle.Cms // foreach (SignerInformation signer in _signers) { - digestAlgs.Add(Helper.FixAlgID(signer.DigestAlgorithmID)); - - // TODO Verify the content type and calculated digest match the precalculated SignerInfo - signerInfos.Add(signer.ToSignerInfo()); + CmsUtilities.AddDigestAlgs(digestAlgs, signer, CmsSignedData.DigestAlgIDFinder); + // TODO Verify the content type and calculated digest match the precalculated SignerInfo + signerInfos.Add(signer.ToSignerInfo()); } // diff --git a/crypto/src/cms/CMSSignedGenerator.cs b/crypto/src/cms/CMSSignedGenerator.cs index 799501789..f49b1fb80 100644 --- a/crypto/src/cms/CMSSignedGenerator.cs +++ b/crypto/src/cms/CMSSignedGenerator.cs @@ -7,8 +7,10 @@ using Org.BouncyCastle.Asn1.Bsi; using Org.BouncyCastle.Asn1.Cms; using Org.BouncyCastle.Asn1.CryptoPro; using Org.BouncyCastle.Asn1.Eac; +using Org.BouncyCastle.Asn1.EdEC; using Org.BouncyCastle.Asn1.GM; using Org.BouncyCastle.Asn1.Isara; +using Org.BouncyCastle.Asn1.Misc; using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Asn1.Oiw; using Org.BouncyCastle.Asn1.Pkcs; 
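Review bot: The loop still copies each pre-calculated SignerInfo into the output without the check that the retained TODO describes, so a `SignerInformation` whose content type or digest does not match the content being encapsulated is emitted as-is; this commit changes only how the digest-algorithm set is collected. Until that verification exists, the documentation of the method that accepts pre-calculated signers should state that callers are responsible for supplying signers produced over the same content, for example `/// Signers added from existing SignerInformation objects are not re-verified against the content.` The enclosing method starts and ends outside the hunk.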
@@ -23,28 +25,22 @@ using Org.BouncyCastle.X509; namespace Org.BouncyCastle.Cms { + // TODO[api] Create API for this public class DefaultSignatureAlgorithmIdentifierFinder { - private static readonly IDictionary<string, DerObjectIdentifier> m_algorithms = + private static readonly Dictionary<string, DerObjectIdentifier> m_algorithms = new Dictionary<string, DerObjectIdentifier>(StringComparer.OrdinalIgnoreCase); - private static readonly HashSet<DerObjectIdentifier> noParams = new HashSet<DerObjectIdentifier>(); - private static readonly IDictionary<string, Asn1Encodable> m_params = + private static readonly HashSet<DerObjectIdentifier> m_noParams = new HashSet<DerObjectIdentifier>(); + private static readonly Dictionary<string, Asn1Encodable> m_parameters = new Dictionary<string, Asn1Encodable>(StringComparer.OrdinalIgnoreCase); - private static readonly HashSet<DerObjectIdentifier> pkcs15RsaEncryption = new HashSet<DerObjectIdentifier>(); - private static readonly IDictionary<DerObjectIdentifier, DerObjectIdentifier> m_digestOids = + private static readonly HashSet<DerObjectIdentifier> m_pkcs15RsaEncryption = new HashSet<DerObjectIdentifier>(); + private static readonly Dictionary<DerObjectIdentifier, DerObjectIdentifier> m_digestOids = new Dictionary<DerObjectIdentifier, DerObjectIdentifier>(); - //private static readonly DerObjectIdentifier ENCRYPTION_RSA = PkcsObjectIdentifiers.RsaEncryption; - //private static readonly DerObjectIdentifier ENCRYPTION_DSA = X9ObjectIdentifiers.IdDsaWithSha1; - //private static readonly DerObjectIdentifier ENCRYPTION_ECDSA = X9ObjectIdentifiers.ECDsaWithSha1; - //private static readonly DerObjectIdentifier ENCRYPTION_RSA_PSS = PkcsObjectIdentifiers.IdRsassaPss; - //private static readonly DerObjectIdentifier ENCRYPTION_GOST3410 = CryptoProObjectIdentifiers.GostR3410x94; - //private static readonly DerObjectIdentifier ENCRYPTION_ECGOST3410 = CryptoProObjectIdentifiers.GostR3410x2001; - //private static readonly 
DerObjectIdentifier ENCRYPTION_ECGOST3410_2012_256 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256; - //private static readonly DerObjectIdentifier ENCRYPTION_ECGOST3410_2012_512 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512; - static DefaultSignatureAlgorithmIdentifierFinder() { + m_algorithms["COMPOSITE"] = MiscObjectIdentifiers.id_alg_composite; + m_algorithms["MD2WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.MD2WithRsaEncryption; m_algorithms["MD2WITHRSA"] = PkcsObjectIdentifiers.MD2WithRsaEncryption; m_algorithms["MD5WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.MD5WithRsaEncryption; @@ -121,8 +117,6 @@ namespace Org.BouncyCastle.Cms m_algorithms["SHA256WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha256; m_algorithms["SHA384WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha384; m_algorithms["SHA512WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha512; - - m_algorithms["GOST3411WITHGOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94; m_algorithms["GOST3411WITHGOST3410-94"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94; m_algorithms["GOST3411WITHECGOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001; 
@@ -130,16 +124,17 @@ namespace Org.BouncyCastle.Cms m_algorithms["GOST3411WITHGOST3410-2001"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001; m_algorithms["GOST3411WITHECGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; m_algorithms["GOST3411WITHECGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; - m_algorithms["GOST3411-2012-256WITHECGOST3410"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; + m_algorithms["GOST3411WITHGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; + m_algorithms["GOST3411WITHGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; m_algorithms["GOST3411-2012-256WITHECGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; - m_algorithms["GOST3411-2012-512WITHECGOST3410"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; m_algorithms["GOST3411-2012-512WITHECGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; - m_algorithms["SHA1WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA1; - m_algorithms["SHA224WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA224; - m_algorithms["SHA256WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA256; - m_algorithms["SHA384WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA384; - m_algorithms["SHA512WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA512; - m_algorithms["RIPEMD160WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_RIPEMD160; + m_algorithms["GOST3411-2012-256WITHGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; + m_algorithms["GOST3411-2012-512WITHGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; + + // NOTE: Not in bc-java + m_algorithms["GOST3411-2012-256WITHECGOST3410"] = 
RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; + m_algorithms["GOST3411-2012-512WITHECGOST3410"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; + m_algorithms["SHA1WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_1; m_algorithms["SHA224WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_224; m_algorithms["SHA256WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_256; 
@@ -148,7 +143,34 @@ namespace Org.BouncyCastle.Cms m_algorithms["SHA3-512WITHSPHINCS256"] = BCObjectIdentifiers.sphincs256_with_SHA3_512; m_algorithms["SHA512WITHSPHINCS256"] = BCObjectIdentifiers.sphincs256_with_SHA512; + m_algorithms["SHA1WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA1; + m_algorithms["RIPEMD160WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_RIPEMD160; + m_algorithms["SHA224WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA224; + m_algorithms["SHA256WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA256; + m_algorithms["SHA384WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA384; + m_algorithms["SHA512WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA512; + m_algorithms["SHA3-224WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA3_224; + m_algorithms["SHA3-256WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA3_256; + m_algorithms["SHA3-384WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA3_384; + m_algorithms["SHA3-512WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA3_512; + + m_algorithms["ED25519"] = EdECObjectIdentifiers.id_Ed25519; + m_algorithms["ED448"] = EdECObjectIdentifiers.id_Ed448; + + // RFC 8702 + m_algorithms["SHAKE128WITHRSAPSS"] = CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE128; + m_algorithms["SHAKE256WITHRSAPSS"] = CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE256; + m_algorithms["SHAKE128WITHRSASSA-PSS"] = CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE128; + m_algorithms["SHAKE256WITHRSASSA-PSS"] = CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE256; + m_algorithms["SHAKE128WITHECDSA"] = CmsObjectIdentifiers.id_ecdsa_with_shake128; + m_algorithms["SHAKE256WITHECDSA"] = CmsObjectIdentifiers.id_ecdsa_with_shake256; + + //m_algorithms["RIPEMD160WITHSM2"] = GMObjectIdentifiers.sm2sign_with_rmd160; + //m_algorithms["SHA1WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sha1; + //m_algorithms["SHA224WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sha224; m_algorithms["SHA256WITHSM2"] = 
GMObjectIdentifiers.sm2sign_with_sha256; + //m_algorithms["SHA384WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sha384; + //m_algorithms["SHA512WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sha512; m_algorithms["SM3WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sm3; m_algorithms["SHA256WITHXMSS"] = BCObjectIdentifiers.xmss_SHA256ph; @@ -171,6 +193,8 @@ namespace Org.BouncyCastle.Cms m_algorithms["SHAKE128WITHXMSSMT-SHAKE128"] = BCObjectIdentifiers.xmss_mt_SHAKE128ph; m_algorithms["SHAKE256WITHXMSSMT-SHAKE256"] = BCObjectIdentifiers.xmss_mt_SHAKE256ph; + m_algorithms["LMS"] = PkcsObjectIdentifiers.IdAlgHssLmsHashsig; + m_algorithms["XMSS"] = IsaraObjectIdentifiers.id_alg_xmss; m_algorithms["XMSS-SHA256"] = BCObjectIdentifiers.xmss_SHA256; m_algorithms["XMSS-SHA512"] = BCObjectIdentifiers.xmss_SHA512; 
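Review bot: The SM2 block adds five commented-out registrations (`//m_algorithms["RIPEMD160WITHSM2"] = ...` through `//m_algorithms["SHA512WITHSM2"] = ...`) with no explanation of why only `SHA256WITHSM2` and `SM3WITHSM2` are active. A one-line comment above them, such as `// Disabled: <reason> (kept for parity with the reference list)`, would tell a reader whether these are pending work or deliberately unsupported; the reason is not visible in the diff, so the author needs to supply it. The same commented-out pattern recurs in the `m_noParams` SM2 section of the `@@ -183,122 +207,217 @@` hunk and in the `m_digestOids` section of the final hunk.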
@@ -183,122 +207,217 @@ namespace Org.BouncyCastle.Cms m_algorithms["XMSSMT-SHAKE128"] = BCObjectIdentifiers.xmss_mt_SHAKE128; m_algorithms["XMSSMT-SHAKE256"] = BCObjectIdentifiers.xmss_mt_SHAKE256; + m_algorithms["SPHINCS+"] = BCObjectIdentifiers.sphincsPlus; + m_algorithms["SPHINCSPLUS"] = BCObjectIdentifiers.sphincsPlus; + + m_algorithms["DILITHIUM2"] = BCObjectIdentifiers.dilithium2; + m_algorithms["DILITHIUM3"] = BCObjectIdentifiers.dilithium3; + m_algorithms["DILITHIUM5"] = BCObjectIdentifiers.dilithium5; + m_algorithms["DILITHIUM2-AES"] = BCObjectIdentifiers.dilithium2_aes; + m_algorithms["DILITHIUM3-AES"] = BCObjectIdentifiers.dilithium3_aes; + m_algorithms["DILITHIUM5-AES"] = BCObjectIdentifiers.dilithium5_aes; + + m_algorithms["FALCON-512"] = BCObjectIdentifiers.falcon_512; + m_algorithms["FALCON-1024"] = BCObjectIdentifiers.falcon_1024; + + m_algorithms["PICNIC"] = BCObjectIdentifiers.picnic_signature; + m_algorithms["SHA512WITHPICNIC"] = BCObjectIdentifiers.picnic_with_sha512; + m_algorithms["SHA3-512WITHPICNIC"] = BCObjectIdentifiers.picnic_with_sha3_512; + m_algorithms["SHAKE256WITHPICNIC"] = BCObjectIdentifiers.picnic_with_shake256; // // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. // The parameters field SHALL be NULL for RSA based signature algorithms. 
// - noParams.Add(X9ObjectIdentifiers.ECDsaWithSha1); - noParams.Add(X9ObjectIdentifiers.ECDsaWithSha224); - noParams.Add(X9ObjectIdentifiers.ECDsaWithSha256); - noParams.Add(X9ObjectIdentifiers.ECDsaWithSha384); - noParams.Add(X9ObjectIdentifiers.ECDsaWithSha512); - noParams.Add(X9ObjectIdentifiers.IdDsaWithSha1); - noParams.Add(NistObjectIdentifiers.DsaWithSha224); - noParams.Add(NistObjectIdentifiers.DsaWithSha256); - noParams.Add(NistObjectIdentifiers.DsaWithSha384); - noParams.Add(NistObjectIdentifiers.DsaWithSha512); - noParams.Add(NistObjectIdentifiers.IdDsaWithSha3_224); - noParams.Add(NistObjectIdentifiers.IdDsaWithSha3_256); - noParams.Add(NistObjectIdentifiers.IdDsaWithSha3_384); - noParams.Add(NistObjectIdentifiers.IdDsaWithSha3_512); - noParams.Add(NistObjectIdentifiers.IdEcdsaWithSha3_224); - noParams.Add(NistObjectIdentifiers.IdEcdsaWithSha3_256); - noParams.Add(NistObjectIdentifiers.IdEcdsaWithSha3_384); - noParams.Add(NistObjectIdentifiers.IdEcdsaWithSha3_512); - + m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha1); + m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha224); + m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha256); + m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha384); + m_noParams.Add(X9ObjectIdentifiers.ECDsaWithSha512); + m_noParams.Add(X9ObjectIdentifiers.IdDsaWithSha1); + m_noParams.Add(NistObjectIdentifiers.DsaWithSha224); + m_noParams.Add(NistObjectIdentifiers.DsaWithSha256); + m_noParams.Add(NistObjectIdentifiers.DsaWithSha384); + m_noParams.Add(NistObjectIdentifiers.DsaWithSha512); + m_noParams.Add(NistObjectIdentifiers.IdDsaWithSha3_224); + m_noParams.Add(NistObjectIdentifiers.IdDsaWithSha3_256); + m_noParams.Add(NistObjectIdentifiers.IdDsaWithSha3_384); + m_noParams.Add(NistObjectIdentifiers.IdDsaWithSha3_512); + m_noParams.Add(NistObjectIdentifiers.IdEcdsaWithSha3_224); + m_noParams.Add(NistObjectIdentifiers.IdEcdsaWithSha3_256); + m_noParams.Add(NistObjectIdentifiers.IdEcdsaWithSha3_384); + 
m_noParams.Add(NistObjectIdentifiers.IdEcdsaWithSha3_512); + + m_noParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA224); + m_noParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA256); + m_noParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA384); + m_noParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA512); + m_noParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_224); + m_noParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_256); + m_noParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_384); + m_noParams.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_512); // // RFC 4491 // - noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); - noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); - noParams.Add(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256); - noParams.Add(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512); + m_noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); + m_noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); + m_noParams.Add(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256); + m_noParams.Add(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512); // // SPHINCS-256 // - noParams.Add(BCObjectIdentifiers.sphincs256_with_SHA512); - noParams.Add(BCObjectIdentifiers.sphincs256_with_SHA3_512); + m_noParams.Add(BCObjectIdentifiers.sphincs256_with_SHA512); + m_noParams.Add(BCObjectIdentifiers.sphincs256_with_SHA3_512); + + // + // SPHINCS-PLUS + // + m_noParams.Add(BCObjectIdentifiers.sphincsPlus); + m_noParams.Add(BCObjectIdentifiers.sphincsPlus_sha2_128s_r3); + m_noParams.Add(BCObjectIdentifiers.sphincsPlus_sha2_128f_r3); + m_noParams.Add(BCObjectIdentifiers.sphincsPlus_shake_128s_r3); + m_noParams.Add(BCObjectIdentifiers.sphincsPlus_shake_128f_r3); + m_noParams.Add(BCObjectIdentifiers.sphincsPlus_haraka_128s_r3); + m_noParams.Add(BCObjectIdentifiers.sphincsPlus_haraka_128f_r3); + 
m_noParams.Add(BCObjectIdentifiers.sphincsPlus_sha2_192s_r3); + m_noParams.Add(BCObjectIdentifiers.sphincsPlus_sha2_192f_r3); + m_noParams.Add(BCObjectIdentifiers.sphincsPlus_shake_192s_r3); + m_noParams.Add(BCObjectIdentifiers.sphincsPlus_shake_192f_r3); + m_noParams.Add(BCObjectIdentifiers.sphincsPlus_haraka_192s_r3); + m_noParams.Add(BCObjectIdentifiers.sphincsPlus_haraka_192f_r3); + m_noParams.Add(BCObjectIdentifiers.sphincsPlus_sha2_256s_r3); + m_noParams.Add(BCObjectIdentifiers.sphincsPlus_sha2_256f_r3); + m_noParams.Add(BCObjectIdentifiers.sphincsPlus_shake_256s_r3); + m_noParams.Add(BCObjectIdentifiers.sphincsPlus_shake_256f_r3); + m_noParams.Add(BCObjectIdentifiers.sphincsPlus_haraka_256s_r3); + m_noParams.Add(BCObjectIdentifiers.sphincsPlus_haraka_256f_r3); + + // + // Dilithium + // + m_noParams.Add(BCObjectIdentifiers.dilithium); + m_noParams.Add(BCObjectIdentifiers.dilithium2); + m_noParams.Add(BCObjectIdentifiers.dilithium3); + m_noParams.Add(BCObjectIdentifiers.dilithium5); + m_noParams.Add(BCObjectIdentifiers.dilithium2_aes); + m_noParams.Add(BCObjectIdentifiers.dilithium3_aes); + m_noParams.Add(BCObjectIdentifiers.dilithium5_aes); + + // + // Falcon + // + m_noParams.Add(BCObjectIdentifiers.falcon); + m_noParams.Add(BCObjectIdentifiers.falcon_512); + m_noParams.Add(BCObjectIdentifiers.falcon_1024); + + // + // Picnic + // + m_noParams.Add(BCObjectIdentifiers.picnic_signature); + m_noParams.Add(BCObjectIdentifiers.picnic_with_sha512); + m_noParams.Add(BCObjectIdentifiers.picnic_with_sha3_512); + m_noParams.Add(BCObjectIdentifiers.picnic_with_shake256); // // XMSS // - noParams.Add(BCObjectIdentifiers.xmss_SHA256ph); - noParams.Add(BCObjectIdentifiers.xmss_SHA512ph); - noParams.Add(BCObjectIdentifiers.xmss_SHAKE128ph); - noParams.Add(BCObjectIdentifiers.xmss_SHAKE256ph); - noParams.Add(BCObjectIdentifiers.xmss_mt_SHA256ph); - noParams.Add(BCObjectIdentifiers.xmss_mt_SHA512ph); - noParams.Add(BCObjectIdentifiers.xmss_mt_SHAKE128ph); - 
noParams.Add(BCObjectIdentifiers.xmss_mt_SHAKE256ph); - - noParams.Add(BCObjectIdentifiers.xmss_SHA256); - noParams.Add(BCObjectIdentifiers.xmss_SHA512); - noParams.Add(BCObjectIdentifiers.xmss_SHAKE128); - noParams.Add(BCObjectIdentifiers.xmss_SHAKE256); - noParams.Add(BCObjectIdentifiers.xmss_mt_SHA256); - noParams.Add(BCObjectIdentifiers.xmss_mt_SHA512); - noParams.Add(BCObjectIdentifiers.xmss_mt_SHAKE128); - noParams.Add(BCObjectIdentifiers.xmss_mt_SHAKE256); - - noParams.Add(IsaraObjectIdentifiers.id_alg_xmss); - noParams.Add(IsaraObjectIdentifiers.id_alg_xmssmt); + m_noParams.Add(BCObjectIdentifiers.xmss_SHA256ph); + m_noParams.Add(BCObjectIdentifiers.xmss_SHA512ph); + m_noParams.Add(BCObjectIdentifiers.xmss_SHAKE128ph); + m_noParams.Add(BCObjectIdentifiers.xmss_SHAKE256ph); + m_noParams.Add(BCObjectIdentifiers.xmss_mt_SHA256ph); + m_noParams.Add(BCObjectIdentifiers.xmss_mt_SHA512ph); + m_noParams.Add(BCObjectIdentifiers.xmss_mt_SHAKE128ph); + m_noParams.Add(BCObjectIdentifiers.xmss_mt_SHAKE256ph); + + m_noParams.Add(BCObjectIdentifiers.xmss_SHA256); + m_noParams.Add(BCObjectIdentifiers.xmss_SHA512); + m_noParams.Add(BCObjectIdentifiers.xmss_SHAKE128); + m_noParams.Add(BCObjectIdentifiers.xmss_SHAKE256); + m_noParams.Add(BCObjectIdentifiers.xmss_mt_SHA256); + m_noParams.Add(BCObjectIdentifiers.xmss_mt_SHA512); + m_noParams.Add(BCObjectIdentifiers.xmss_mt_SHAKE128); + m_noParams.Add(BCObjectIdentifiers.xmss_mt_SHAKE256); + + m_noParams.Add(IsaraObjectIdentifiers.id_alg_xmss); + m_noParams.Add(IsaraObjectIdentifiers.id_alg_xmssmt); + + // + // qTESLA + // + m_noParams.Add(BCObjectIdentifiers.qTESLA_p_I); + m_noParams.Add(BCObjectIdentifiers.qTESLA_p_III); // // SM2 // - noParams.Add(GMObjectIdentifiers.sm2sign_with_sha256); - noParams.Add(GMObjectIdentifiers.sm2sign_with_sm3); + //m_noParams.Add(GMObjectIdentifiers.sm2sign_with_rmd160); + //m_noParams.Add(GMObjectIdentifiers.sm2sign_with_sha1); + //m_noParams.Add(GMObjectIdentifiers.sm2sign_with_sha224); + 
m_noParams.Add(GMObjectIdentifiers.sm2sign_with_sha256); + //m_noParams.Add(GMObjectIdentifiers.sm2sign_with_sha384); + //m_noParams.Add(GMObjectIdentifiers.sm2sign_with_sha512); + m_noParams.Add(GMObjectIdentifiers.sm2sign_with_sm3); + + // EdDSA + m_noParams.Add(EdECObjectIdentifiers.id_Ed25519); + m_noParams.Add(EdECObjectIdentifiers.id_Ed448); + + // RFC 8702 + m_noParams.Add(CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE128); + m_noParams.Add(CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE256); + m_noParams.Add(CmsObjectIdentifiers.id_ecdsa_with_shake128); + m_noParams.Add(CmsObjectIdentifiers.id_ecdsa_with_shake256); // // PKCS 1.5 encrypted algorithms // - pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption); - pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption); - pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption); - pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption); - pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption); - pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); - pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); - pkcs15RsaEncryption.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); - pkcs15RsaEncryption.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); - pkcs15RsaEncryption.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); - pkcs15RsaEncryption.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224); - pkcs15RsaEncryption.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256); - pkcs15RsaEncryption.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384); - pkcs15RsaEncryption.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512); + m_pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption); + m_pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption); + m_pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption); + 
m_pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption); + m_pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption); + m_pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); + m_pkcs15RsaEncryption.Add(PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); + m_pkcs15RsaEncryption.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); + m_pkcs15RsaEncryption.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); + m_pkcs15RsaEncryption.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); + m_pkcs15RsaEncryption.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224); + m_pkcs15RsaEncryption.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256); + m_pkcs15RsaEncryption.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384); + m_pkcs15RsaEncryption.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512); // // explicit params // AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance); - m_params["SHA1WITHRSAANDMGF1"] = CreatePssParams(sha1AlgId, 20); + m_parameters["SHA1WITHRSAANDMGF1"] = CreatePssParams(sha1AlgId, 20); AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance); - m_params["SHA224WITHRSAANDMGF1"] = CreatePssParams(sha224AlgId, 28); + m_parameters["SHA224WITHRSAANDMGF1"] = CreatePssParams(sha224AlgId, 28); AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance); - m_params["SHA256WITHRSAANDMGF1"] = CreatePssParams(sha256AlgId, 32); + m_parameters["SHA256WITHRSAANDMGF1"] = CreatePssParams(sha256AlgId, 32); AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance); - m_params["SHA384WITHRSAANDMGF1"] = CreatePssParams(sha384AlgId, 48); + m_parameters["SHA384WITHRSAANDMGF1"] = CreatePssParams(sha384AlgId, 48); AlgorithmIdentifier sha512AlgId = new 
AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance); - m_params["SHA512WITHRSAANDMGF1"] = CreatePssParams(sha512AlgId, 64); + m_parameters["SHA512WITHRSAANDMGF1"] = CreatePssParams(sha512AlgId, 64); AlgorithmIdentifier sha3_224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_224, DerNull.Instance); - m_params["SHA3-224WITHRSAANDMGF1"] = CreatePssParams(sha3_224AlgId, 28); + m_parameters["SHA3-224WITHRSAANDMGF1"] = CreatePssParams(sha3_224AlgId, 28); AlgorithmIdentifier sha3_256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_256, DerNull.Instance); - m_params["SHA3-256WITHRSAANDMGF1"] = CreatePssParams(sha3_256AlgId, 32); + m_parameters["SHA3-256WITHRSAANDMGF1"] = CreatePssParams(sha3_256AlgId, 32); AlgorithmIdentifier sha3_384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_384, DerNull.Instance); - m_params["SHA3-384WITHRSAANDMGF1"] = CreatePssParams(sha3_384AlgId, 48); + m_parameters["SHA3-384WITHRSAANDMGF1"] = CreatePssParams(sha3_384AlgId, 48); AlgorithmIdentifier sha3_512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_512, DerNull.Instance); - m_params["SHA3-512WITHRSAANDMGF1"] = CreatePssParams(sha3_512AlgId, 64); + m_parameters["SHA3-512WITHRSAANDMGF1"] = CreatePssParams(sha3_512AlgId, 64); // // digests 
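Review bot: Several names registered elsewhere in this commit have no matching `m_noParams` entry in this hunk: `LMS` (`PkcsObjectIdentifiers.IdAlgHssLmsHashsig`), `COMPOSITE` (`MiscObjectIdentifiers.id_alg_composite`), and the `ecdsa_plain_SHA1` and `ecdsa_plain_RIPEMD160` OIDs get no `m_noParams.Add(...)`, while their SHA-2 and SHA-3 plain-ECDSA siblings do. The lookup code that consumes these tables is outside the visible hunks, so I cannot tell which parameters those OIDs end up with; if it falls back to NULL parameters for anything not listed, the encoded AlgorithmIdentifier for those algorithms may differ from what a relying party expects. Please confirm the intended encoding for each and, where the parameters must be absent, add the entry next to its family, e.g. `m_noParams.Add(PkcsObjectIdentifiers.IdAlgHssLmsHashsig);`. The static constructor starts and ends outside this hunk.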
@@ -338,85 +457,102 @@ namespace Org.BouncyCastle.Cms m_digestOids[RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256] = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256; m_digestOids[RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512] = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512; + m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_128s_r3] = NistObjectIdentifiers.IdSha256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_128f_r3] = NistObjectIdentifiers.IdSha256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_128s_r3] = NistObjectIdentifiers.IdShake256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_128f_r3] = NistObjectIdentifiers.IdShake256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_192s_r3] = NistObjectIdentifiers.IdSha256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_192f_r3] = NistObjectIdentifiers.IdSha256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_192s_r3] = NistObjectIdentifiers.IdShake256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_192f_r3] = NistObjectIdentifiers.IdShake256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_256s_r3] = NistObjectIdentifiers.IdSha256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_256f_r3] = NistObjectIdentifiers.IdSha256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_256s_r3] = NistObjectIdentifiers.IdShake256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_256f_r3] = NistObjectIdentifiers.IdShake256; + + m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_128s_r3_simple] = NistObjectIdentifiers.IdSha256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_128f_r3_simple] = NistObjectIdentifiers.IdSha256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_128s_r3_simple] = NistObjectIdentifiers.IdShake256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_128f_r3_simple] = NistObjectIdentifiers.IdShake256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_192s_r3_simple] = 
NistObjectIdentifiers.IdSha256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_192f_r3_simple] = NistObjectIdentifiers.IdSha256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_192s_r3_simple] = NistObjectIdentifiers.IdShake256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_192f_r3_simple] = NistObjectIdentifiers.IdShake256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_256s_r3_simple] = NistObjectIdentifiers.IdSha256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_sha2_256f_r3_simple] = NistObjectIdentifiers.IdSha256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_256s_r3_simple] = NistObjectIdentifiers.IdShake256; + m_digestOids[BCObjectIdentifiers.sphincsPlus_shake_256f_r3_simple] = NistObjectIdentifiers.IdShake256; + + //m_digestOids[GMObjectIdentifiers.sm2sign_with_rmd160] = TeleTrusTObjectIdentifiers.RipeMD160; + //m_digestOids[GMObjectIdentifiers.sm2sign_with_sha1] = OiwObjectIdentifiers.IdSha1; + //m_digestOids[GMObjectIdentifiers.sm2sign_with_sha224] = NistObjectIdentifiers.IdSha224; m_digestOids[GMObjectIdentifiers.sm2sign_with_sha256] = NistObjectIdentifiers.IdSha256; + //m_digestOids[GMObjectIdentifiers.sm2sign_with_sha384] = NistObjectIdentifiers.IdSha384; + //m_digestOids[GMObjectIdentifiers.sm2sign_with_sha512] = NistObjectIdentifiers.IdSha512; m_digestOids[GMObjectIdentifiers.sm2sign_with_sm3] = GMObjectIdentifiers.sm3; + + m_digestOids[CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE128] = NistObjectIdentifiers.IdShake128; + m_digestOids[CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE256] = NistObjectIdentifiers.IdShake256; + m_digestOids[CmsObjectIdentifiers.id_ecdsa_with_shake128] = NistObjectIdentifiers.IdShake128; + m_digestOids[CmsObjectIdentifiers.id_ecdsa_with_shake256] = NistObjectIdentifiers.IdShake256; } - private static AlgorithmIdentifier Generate(string signatureAlgorithm) + private static RsassaPssParameters CreatePssParams(AlgorithmIdentifier hashAlgID, int saltSize) { - AlgorithmIdentifier sigAlgId; - 
//AlgorithmIdentifier encAlgId; - //AlgorithmIdentifier digAlgId; + return new RsassaPssParameters( + hashAlgID, + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, hashAlgID), + new DerInteger(saltSize), + new DerInteger(1)); + } - if (!m_algorithms.TryGetValue(signatureAlgorithm, out var sigOid)) - throw new ArgumentException("Unknown signature type requested: " + signatureAlgorithm); + // TODO[api] Make virtual + public AlgorithmIdentifier Find(string sigAlgName) + { + string algorithmName = sigAlgName.ToUpperInvariant(); + if (!m_algorithms.TryGetValue(algorithmName, out var sigAlgOid)) + throw new ArgumentException("Unknown signature type requested: " + sigAlgName, nameof(sigAlgName)); - if (noParams.Contains(sigOid)) + AlgorithmIdentifier sigAlgID; + if (m_noParams.Contains(sigAlgOid)) { - sigAlgId = new AlgorithmIdentifier(sigOid); + sigAlgID = new AlgorithmIdentifier(sigAlgOid); } - else if (m_params.TryGetValue(signatureAlgorithm, out var explicitParameters)) + else if (m_parameters.TryGetValue(algorithmName, out var parameters)) { - sigAlgId = new AlgorithmIdentifier(sigOid, explicitParameters); + sigAlgID = new AlgorithmIdentifier(sigAlgOid, parameters); } else { - sigAlgId = new AlgorithmIdentifier(sigOid, DerNull.Instance); + sigAlgID = new AlgorithmIdentifier(sigAlgOid, DerNull.Instance); } - - //if (pkcs15RsaEncryption.Contains(sigOid)) - //{ - // encAlgId = new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance); - //} - //else - //{ - // encAlgId = sigAlgId; - //} - - //if (sigAlgId.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss)) - //{ - // digAlgId = ((RsassaPssParameters)sigAlgId.Parameters).HashAlgorithm; - //} - //else - //{ - // digAlgId = new AlgorithmIdentifier(m_digestOids[sigOid], DerNull.Instance); - //} - - return sigAlgId; - } - - private static RsassaPssParameters CreatePssParams(AlgorithmIdentifier hashAlgId, int saltSize) - { - return new RsassaPssParameters( - hashAlgId, - new 
AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, hashAlgId), - new DerInteger(saltSize), - new DerInteger(1)); - } - - public AlgorithmIdentifier Find(string sigAlgName) - { - return Generate(sigAlgName); + return sigAlgID; } } + // TODO[api] Create API for this public class DefaultDigestAlgorithmIdentifierFinder { - private static readonly IDictionary<DerObjectIdentifier, DerObjectIdentifier> m_digestOids = + private static readonly Dictionary<DerObjectIdentifier, DerObjectIdentifier> m_digestOids = new Dictionary<DerObjectIdentifier, DerObjectIdentifier>(); - private static readonly IDictionary<string, DerObjectIdentifier> m_digestNameToOids = + private static readonly Dictionary<string, DerObjectIdentifier> m_digestNameToOids = new Dictionary<string, DerObjectIdentifier>(StringComparer.OrdinalIgnoreCase); + private static readonly Dictionary<DerObjectIdentifier, AlgorithmIdentifier> m_digestOidToAlgIDs = + new Dictionary<DerObjectIdentifier, AlgorithmIdentifier>(); + + // signatures that use SHAKE-256 + private static readonly HashSet<DerObjectIdentifier> m_shake256Oids = new HashSet<DerObjectIdentifier>(); static DefaultDigestAlgorithmIdentifierFinder() { // // digests // + m_digestOids.Add(OiwObjectIdentifiers.DsaWithSha1, OiwObjectIdentifiers.IdSha1); m_digestOids.Add(OiwObjectIdentifiers.MD4WithRsaEncryption, PkcsObjectIdentifiers.MD4); m_digestOids.Add(OiwObjectIdentifiers.MD4WithRsa, PkcsObjectIdentifiers.MD4); m_digestOids.Add(OiwObjectIdentifiers.MD5WithRsa, PkcsObjectIdentifiers.MD5); m_digestOids.Add(OiwObjectIdentifiers.Sha1WithRsa, OiwObjectIdentifiers.IdSha1); - m_digestOids.Add(OiwObjectIdentifiers.DsaWithSha1, OiwObjectIdentifiers.IdSha1); m_digestOids.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption, NistObjectIdentifiers.IdSha224); m_digestOids.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption, NistObjectIdentifiers.IdSha256); 
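Review bot: The new public `Find(string sigAlgName)` calls `sigAlgName.ToUpperInvariant()` before any validation, so a null name surfaces as a NullReferenceException rather than the argument exception used one line later; a guard such as `if (sigAlgName == null) throw new ArgumentNullException(nameof(sigAlgName));` at the top would keep the failure mode consistent. Separately, the SPHINCS+, SM2 and SHAKE entries added to this class's `m_digestOids` are not read by the visible `Find`, and the same mappings are added again to `DefaultDigestAlgorithmIdentifierFinder.m_digestOids` in the hunk at -442. If nothing outside this hunk reads the first table, keeping a single copy would stop the two from drifting apart. Both static constructors touched here start or end outside this hunk.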
@@ -424,12 +560,6 @@ namespace Org.BouncyCastle.Cms m_digestOids.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption, NistObjectIdentifiers.IdSha512); m_digestOids.Add(PkcsObjectIdentifiers.Sha512_224WithRSAEncryption, NistObjectIdentifiers.IdSha512_224); m_digestOids.Add(PkcsObjectIdentifiers.Sha512_256WithRSAEncryption, NistObjectIdentifiers.IdSha512_256); - - m_digestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224, NistObjectIdentifiers.IdSha3_224); - m_digestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256, NistObjectIdentifiers.IdSha3_256); - m_digestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384, NistObjectIdentifiers.IdSha3_384); - m_digestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512, NistObjectIdentifiers.IdSha3_512); - m_digestOids.Add(PkcsObjectIdentifiers.MD2WithRsaEncryption, PkcsObjectIdentifiers.MD2); m_digestOids.Add(PkcsObjectIdentifiers.MD4WithRsaEncryption, PkcsObjectIdentifiers.MD4); m_digestOids.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption, PkcsObjectIdentifiers.MD5); 
@@ -442,25 +572,110 @@ namespace Org.BouncyCastle.Cms m_digestOids.Add(X9ObjectIdentifiers.ECDsaWithSha512, NistObjectIdentifiers.IdSha512); m_digestOids.Add(X9ObjectIdentifiers.IdDsaWithSha1, OiwObjectIdentifiers.IdSha1); + m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA1, OiwObjectIdentifiers.IdSha1); + m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA224, NistObjectIdentifiers.IdSha224); + m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA256, NistObjectIdentifiers.IdSha256); + m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA384, NistObjectIdentifiers.IdSha384); + m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA512, NistObjectIdentifiers.IdSha512); + m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_224, NistObjectIdentifiers.IdSha3_224); + m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_256, NistObjectIdentifiers.IdSha3_256); + m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_384, NistObjectIdentifiers.IdSha3_384); + m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_SHA3_512, NistObjectIdentifiers.IdSha3_512); + m_digestOids.Add(BsiObjectIdentifiers.ecdsa_plain_RIPEMD160, TeleTrusTObjectIdentifiers.RipeMD160); + + m_digestOids.Add(EacObjectIdentifiers.id_TA_ECDSA_SHA_1, OiwObjectIdentifiers.IdSha1); + m_digestOids.Add(EacObjectIdentifiers.id_TA_ECDSA_SHA_224, NistObjectIdentifiers.IdSha224); + m_digestOids.Add(EacObjectIdentifiers.id_TA_ECDSA_SHA_256, NistObjectIdentifiers.IdSha256); + m_digestOids.Add(EacObjectIdentifiers.id_TA_ECDSA_SHA_384, NistObjectIdentifiers.IdSha384); + m_digestOids.Add(EacObjectIdentifiers.id_TA_ECDSA_SHA_512, NistObjectIdentifiers.IdSha512); + m_digestOids.Add(NistObjectIdentifiers.DsaWithSha224, NistObjectIdentifiers.IdSha224); m_digestOids.Add(NistObjectIdentifiers.DsaWithSha256, NistObjectIdentifiers.IdSha256); m_digestOids.Add(NistObjectIdentifiers.DsaWithSha384, NistObjectIdentifiers.IdSha384); m_digestOids.Add(NistObjectIdentifiers.DsaWithSha512, NistObjectIdentifiers.IdSha512); + 
m_digestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224, NistObjectIdentifiers.IdSha3_224); + m_digestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256, NistObjectIdentifiers.IdSha3_256); + m_digestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384, NistObjectIdentifiers.IdSha3_384); + m_digestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512, NistObjectIdentifiers.IdSha3_512); + m_digestOids.Add(NistObjectIdentifiers.IdDsaWithSha3_224, NistObjectIdentifiers.IdSha3_224); + m_digestOids.Add(NistObjectIdentifiers.IdDsaWithSha3_256, NistObjectIdentifiers.IdSha3_256); + m_digestOids.Add(NistObjectIdentifiers.IdDsaWithSha3_384, NistObjectIdentifiers.IdSha3_384); + m_digestOids.Add(NistObjectIdentifiers.IdDsaWithSha3_512, NistObjectIdentifiers.IdSha3_512); + m_digestOids.Add(NistObjectIdentifiers.IdEcdsaWithSha3_224, NistObjectIdentifiers.IdSha3_224); + m_digestOids.Add(NistObjectIdentifiers.IdEcdsaWithSha3_256, NistObjectIdentifiers.IdSha3_256); + m_digestOids.Add(NistObjectIdentifiers.IdEcdsaWithSha3_384, NistObjectIdentifiers.IdSha3_384); + m_digestOids.Add(NistObjectIdentifiers.IdEcdsaWithSha3_512, NistObjectIdentifiers.IdSha3_512); + m_digestOids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128, TeleTrusTObjectIdentifiers.RipeMD128); m_digestOids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160, TeleTrusTObjectIdentifiers.RipeMD160); m_digestOids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256, TeleTrusTObjectIdentifiers.RipeMD256); m_digestOids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, CryptoProObjectIdentifiers.GostR3411); m_digestOids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001, CryptoProObjectIdentifiers.GostR3411); + m_digestOids.Add(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256); + m_digestOids.Add(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512, 
RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512); + + m_digestOids.Add(BCObjectIdentifiers.sphincs256_with_SHA3_512, NistObjectIdentifiers.IdSha3_512); + m_digestOids.Add(BCObjectIdentifiers.sphincs256_with_SHA512, NistObjectIdentifiers.IdSha512); + + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_128s_r3, NistObjectIdentifiers.IdSha256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_128f_r3, NistObjectIdentifiers.IdSha256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_128s_r3, NistObjectIdentifiers.IdShake256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_128f_r3, NistObjectIdentifiers.IdShake256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_192s_r3, NistObjectIdentifiers.IdSha256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_192f_r3, NistObjectIdentifiers.IdSha256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_192s_r3, NistObjectIdentifiers.IdShake256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_192f_r3, NistObjectIdentifiers.IdShake256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_256s_r3, NistObjectIdentifiers.IdSha256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_256f_r3, NistObjectIdentifiers.IdSha256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_256s_r3, NistObjectIdentifiers.IdShake256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_256f_r3, NistObjectIdentifiers.IdShake256); + + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_128s_r3_simple, NistObjectIdentifiers.IdSha256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_128f_r3_simple, NistObjectIdentifiers.IdSha256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_128s_r3_simple, NistObjectIdentifiers.IdShake256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_128f_r3_simple, NistObjectIdentifiers.IdShake256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_192s_r3_simple, NistObjectIdentifiers.IdSha256); + 
m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_192f_r3_simple, NistObjectIdentifiers.IdSha256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_192s_r3_simple, NistObjectIdentifiers.IdShake256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_192f_r3_simple, NistObjectIdentifiers.IdShake256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_256s_r3_simple, NistObjectIdentifiers.IdSha256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_sha2_256f_r3_simple, NistObjectIdentifiers.IdSha256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_256s_r3_simple, NistObjectIdentifiers.IdShake256); + m_digestOids.Add(BCObjectIdentifiers.sphincsPlus_shake_256f_r3_simple, NistObjectIdentifiers.IdShake256); + + m_digestOids.Add(BCObjectIdentifiers.falcon, NistObjectIdentifiers.IdShake256); + m_digestOids.Add(BCObjectIdentifiers.falcon_512, NistObjectIdentifiers.IdShake256); + m_digestOids.Add(BCObjectIdentifiers.falcon_1024, NistObjectIdentifiers.IdShake256); + + m_digestOids.Add(BCObjectIdentifiers.picnic_signature, NistObjectIdentifiers.IdShake256); + m_digestOids.Add(BCObjectIdentifiers.picnic_with_sha512, NistObjectIdentifiers.IdSha512); + m_digestOids.Add(BCObjectIdentifiers.picnic_with_sha3_512, NistObjectIdentifiers.IdSha3_512); + m_digestOids.Add(BCObjectIdentifiers.picnic_with_shake256, NistObjectIdentifiers.IdShake256); + + //m_digestOids.Add(GMObjectIdentifiers.sm2sign_with_rmd160, TeleTrusTObjectIdentifiers.RipeMD160); + //m_digestOids.Add(GMObjectIdentifiers.sm2sign_with_sha1, OiwObjectIdentifiers.IdSha1); + //m_digestOids.Add(GMObjectIdentifiers.sm2sign_with_sha224, NistObjectIdentifiers.IdSha224); + m_digestOids.Add(GMObjectIdentifiers.sm2sign_with_sha256, NistObjectIdentifiers.IdSha256); + //m_digestOids.Add(GMObjectIdentifiers.sm2sign_with_sha384, NistObjectIdentifiers.IdSha384); + //m_digestOids.Add(GMObjectIdentifiers.sm2sign_with_sha512, NistObjectIdentifiers.IdSha512); + 
m_digestOids.Add(GMObjectIdentifiers.sm2sign_with_sm3, GMObjectIdentifiers.sm3); + + m_digestOids.Add(CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE128, NistObjectIdentifiers.IdShake128); + m_digestOids.Add(CmsObjectIdentifiers.id_RSASSA_PSS_SHAKE256, NistObjectIdentifiers.IdShake256); + m_digestOids.Add(CmsObjectIdentifiers.id_ecdsa_with_shake128, NistObjectIdentifiers.IdShake128); + m_digestOids.Add(CmsObjectIdentifiers.id_ecdsa_with_shake256, NistObjectIdentifiers.IdShake256); m_digestNameToOids.Add("SHA-1", OiwObjectIdentifiers.IdSha1); m_digestNameToOids.Add("SHA-224", NistObjectIdentifiers.IdSha224); m_digestNameToOids.Add("SHA-256", NistObjectIdentifiers.IdSha256); m_digestNameToOids.Add("SHA-384", NistObjectIdentifiers.IdSha384); m_digestNameToOids.Add("SHA-512", NistObjectIdentifiers.IdSha512); + m_digestNameToOids.Add("SHA-512-224", NistObjectIdentifiers.IdSha512_224); m_digestNameToOids.Add("SHA-512/224", NistObjectIdentifiers.IdSha512_224); m_digestNameToOids.Add("SHA-512(224)", NistObjectIdentifiers.IdSha512_224); + m_digestNameToOids.Add("SHA-512-256", NistObjectIdentifiers.IdSha512_256); m_digestNameToOids.Add("SHA-512/256", NistObjectIdentifiers.IdSha512_256); m_digestNameToOids.Add("SHA-512(256)", NistObjectIdentifiers.IdSha512_256); @@ -469,8 +684,10 @@ namespace Org.BouncyCastle.Cms m_digestNameToOids.Add("SHA256", NistObjectIdentifiers.IdSha256); m_digestNameToOids.Add("SHA384", NistObjectIdentifiers.IdSha384); m_digestNameToOids.Add("SHA512", NistObjectIdentifiers.IdSha512); + m_digestNameToOids.Add("SHA512-224", NistObjectIdentifiers.IdSha512_224); m_digestNameToOids.Add("SHA512/224", NistObjectIdentifiers.IdSha512_224); m_digestNameToOids.Add("SHA512(224)", NistObjectIdentifiers.IdSha512_224); + m_digestNameToOids.Add("SHA512-256", NistObjectIdentifiers.IdSha512_256); m_digestNameToOids.Add("SHA512/256", NistObjectIdentifiers.IdSha512_256); m_digestNameToOids.Add("SHA512(256)", NistObjectIdentifiers.IdSha512_256); 
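Review bot: `BCObjectIdentifiers.falcon_512` and `falcon_1024` are mapped here to `NistObjectIdentifiers.IdShake256`, but the hunk at -491 also puts both OIDs into `m_shake256Oids`, which `Find(AlgorithmIdentifier)` checks first and answers with `IdShake256Len` and a length of 512, so these two table entries look unreachable from that method. The plain `falcon` OID and the SPHINCS+ shake and Picnic entries still resolve through this table to `IdShake256` without a length, so closely related signature OIDs end up with different digest identifiers. If that split is intended, a comment such as `// falcon_512/falcon_1024 are answered from m_shake256Oids in Find(AlgorithmIdentifier)` would say so; otherwise the two entries can be dropped. The static constructor starts and ends outside this hunk.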
@@ -479,10 +696,14 @@ namespace Org.BouncyCastle.Cms m_digestNameToOids.Add("SHA3-384", NistObjectIdentifiers.IdSha3_384); m_digestNameToOids.Add("SHA3-512", NistObjectIdentifiers.IdSha3_512); + m_digestNameToOids.Add("SHAKE128", NistObjectIdentifiers.IdShake128); + m_digestNameToOids.Add("SHAKE256", NistObjectIdentifiers.IdShake256); m_digestNameToOids.Add("SHAKE-128", NistObjectIdentifiers.IdShake128); m_digestNameToOids.Add("SHAKE-256", NistObjectIdentifiers.IdShake256); m_digestNameToOids.Add("GOST3411", CryptoProObjectIdentifiers.GostR3411); + m_digestNameToOids.Add("GOST3411-2012-256", RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256); + m_digestNameToOids.Add("GOST3411-2012-512", RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512); m_digestNameToOids.Add("MD2", PkcsObjectIdentifiers.MD2); m_digestNameToOids.Add("MD4", PkcsObjectIdentifiers.MD4); 
@@ -491,27 +712,132 @@ namespace Org.BouncyCastle.Cms m_digestNameToOids.Add("RIPEMD128", TeleTrusTObjectIdentifiers.RipeMD128); m_digestNameToOids.Add("RIPEMD160", TeleTrusTObjectIdentifiers.RipeMD160); m_digestNameToOids.Add("RIPEMD256", TeleTrusTObjectIdentifiers.RipeMD256); + + m_digestNameToOids.Add("SM3", GMObjectIdentifiers.sm3); + + // IETF RFC 3370 + AddDigestAlgID(OiwObjectIdentifiers.IdSha1, true); + // IETF RFC 5754 + AddDigestAlgID(NistObjectIdentifiers.IdSha224, false); + AddDigestAlgID(NistObjectIdentifiers.IdSha256, false); + AddDigestAlgID(NistObjectIdentifiers.IdSha384, false); + AddDigestAlgID(NistObjectIdentifiers.IdSha512, false); + AddDigestAlgID(NistObjectIdentifiers.IdSha512_224, false); + AddDigestAlgID(NistObjectIdentifiers.IdSha512_256, false); + + // NIST CSOR + AddDigestAlgID(NistObjectIdentifiers.IdSha3_224, false); + AddDigestAlgID(NistObjectIdentifiers.IdSha3_256, false); + AddDigestAlgID(NistObjectIdentifiers.IdSha3_384, false); + AddDigestAlgID(NistObjectIdentifiers.IdSha3_512, false); + + // RFC 8702 + AddDigestAlgID(NistObjectIdentifiers.IdShake128, false); + AddDigestAlgID(NistObjectIdentifiers.IdShake256, false); + + // RFC 4357 + AddDigestAlgID(CryptoProObjectIdentifiers.GostR3411, true); + + // draft-deremin-rfc4491 + AddDigestAlgID(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256, false); + AddDigestAlgID(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512, false); + + // IETF RFC 1319 + AddDigestAlgID(PkcsObjectIdentifiers.MD2, true); + // IETF RFC 1320 + AddDigestAlgID(PkcsObjectIdentifiers.MD4, true); + // IETF RFC 1321 + AddDigestAlgID(PkcsObjectIdentifiers.MD5, true); + + // found no standard which specified the handle of AlgorithmIdentifier.parameters, + // so let it as before. 
+ AddDigestAlgID(TeleTrusTObjectIdentifiers.RipeMD128, true); + AddDigestAlgID(TeleTrusTObjectIdentifiers.RipeMD160, true); + AddDigestAlgID(TeleTrusTObjectIdentifiers.RipeMD256, true); + + m_shake256Oids.Add(EdECObjectIdentifiers.id_Ed448); + + m_shake256Oids.Add(BCObjectIdentifiers.dilithium2); + m_shake256Oids.Add(BCObjectIdentifiers.dilithium3); + m_shake256Oids.Add(BCObjectIdentifiers.dilithium5); + m_shake256Oids.Add(BCObjectIdentifiers.dilithium2_aes); + m_shake256Oids.Add(BCObjectIdentifiers.dilithium3_aes); + m_shake256Oids.Add(BCObjectIdentifiers.dilithium5_aes); + + m_shake256Oids.Add(BCObjectIdentifiers.falcon_512); + m_shake256Oids.Add(BCObjectIdentifiers.falcon_1024); } + private static void AddDigestAlgID(DerObjectIdentifier oid, bool withNullParams) + { + AlgorithmIdentifier algID; + if (withNullParams) + { + algID = new AlgorithmIdentifier(oid, DerNull.Instance); + } + else + { + algID = new AlgorithmIdentifier(oid); + } + m_digestOidToAlgIDs.Add(oid, algID); + } + + // TODO[api] Make virtual public AlgorithmIdentifier Find(AlgorithmIdentifier sigAlgId) { - AlgorithmIdentifier digAlgId; + DerObjectIdentifier sigAlgOid = sigAlgId.Algorithm; + + if (m_shake256Oids.Contains(sigAlgOid)) + return new AlgorithmIdentifier(NistObjectIdentifiers.IdShake256Len, new DerInteger(512)); - if (sigAlgId.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss)) + DerObjectIdentifier digAlgOid; + if (PkcsObjectIdentifiers.IdRsassaPss.Equals(sigAlgOid)) { - digAlgId = RsassaPssParameters.GetInstance(sigAlgId.Parameters).HashAlgorithm; + digAlgOid = RsassaPssParameters.GetInstance(sigAlgId.Parameters).HashAlgorithm.Algorithm; + } + else if (EdECObjectIdentifiers.id_Ed25519.Equals(sigAlgOid)) + { + digAlgOid = NistObjectIdentifiers.IdSha512; + } + else if (PkcsObjectIdentifiers.IdAlgHssLmsHashsig.Equals(sigAlgOid)) + { + digAlgOid = NistObjectIdentifiers.IdSha256; } else { - digAlgId = new AlgorithmIdentifier(m_digestOids[sigAlgId.Algorithm], DerNull.Instance); + digAlgOid 
= CollectionUtilities.GetValueOrNull(m_digestOids, sigAlgOid); } - return digAlgId; + return Find(digAlgOid); + } + + public virtual AlgorithmIdentifier Find(DerObjectIdentifier digAlgOid) + { + if (digAlgOid == null) + throw new ArgumentNullException(nameof(digAlgOid)); + + if (m_digestOidToAlgIDs.TryGetValue(digAlgOid, out var digAlgID)) + return digAlgID; + + return new AlgorithmIdentifier(digAlgOid); } + // TODO[api] Make virtual public AlgorithmIdentifier Find(string digAlgName) { - return new AlgorithmIdentifier(m_digestNameToOids[digAlgName], DerNull.Instance); + if (m_digestNameToOids.TryGetValue(digAlgName, out var oid)) + return Find(oid); + + try + { + return Find(new DerObjectIdentifier(digAlgName)); + } + catch (Exception) + { + // ignore - tried it but it didn't work... + } + + return null; } } diff --git a/crypto/src/cms/CMSSignedHelper.cs b/crypto/src/cms/CMSSignedHelper.cs index 8f2a92147..b7566c409 100644 --- a/crypto/src/cms/CMSSignedHelper.cs +++ b/crypto/src/cms/CMSSignedHelper.cs @@ -5,7 +5,6 @@ using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cms; using Org.BouncyCastle.Asn1.CryptoPro; using Org.BouncyCastle.Asn1.Eac; -using Org.BouncyCastle.Asn1.Esf; using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Asn1.Oiw; using Org.BouncyCastle.Asn1.Pkcs; 
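Review bot: `Find(string digAlgName)` now wraps the OID fallback in `catch (Exception)` and returns null, where the removed line indexed `m_digestNameToOids` and threw on an unknown name, so a caller that does not check the result carries a null digest AlgorithmIdentifier forward instead of failing at the bad input. Narrowing the handler to the parse failure, e.g. `catch (FormatException) { return null; }` (assuming that is what the `DerObjectIdentifier` string constructor throws for a malformed OID; confirm), and stating the null return in an XML `<returns>` comment would keep unrelated failures visible. In `Find(AlgorithmIdentifier sigAlgId)` an unknown signature OID now reaches `Find(digAlgOid)` as null and is reported as `ArgumentNullException(nameof(digAlgOid))`, which names a parameter the caller never passed. A check right after `GetValueOrNull` that throws with the signature OID in the message would be clearer, and the same method dereferences `sigAlgId` and the PSS parameters without a null check.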
@@ -200,20 +199,20 @@ namespace Org.BouncyCastle.Cms } } - internal ISigner GetSignatureInstance( - string algorithm) + internal ISigner GetSignatureInstance(string algorithm) { return SignerUtilities.GetSigner(algorithm); } - internal AlgorithmIdentifier FixAlgID( - AlgorithmIdentifier algId) - { - if (algId.Parameters == null) - return new AlgorithmIdentifier(algId.Algorithm, DerNull.Instance); + internal AlgorithmIdentifier FixDigestAlgID(AlgorithmIdentifier algID, + DefaultDigestAlgorithmIdentifierFinder digestAlgIDFinder) + { + var parameters = algID.Parameters; + if (parameters == null || DerNull.Instance.Equals(parameters)) + return digestAlgIDFinder.Find(algID.Algorithm); - return algId; - } + return algID; + } internal string GetEncOid( AsymmetricKeyParameter key, diff --git a/crypto/src/cms/CMSUtils.cs b/crypto/src/cms/CMSUtils.cs index 1e3a5734f..5124dce94 100644 --- a/crypto/src/cms/CMSUtils.cs +++ b/crypto/src/cms/CMSUtils.cs @@ -71,15 +71,9 @@ namespace Org.BouncyCastle.Cms } } - internal static byte[] StreamToByteArray(Stream inStream) - { - return Streams.ReadAll(inStream); - } + internal static byte[] StreamToByteArray(Stream inStream) => Streams.ReadAll(inStream); - internal static byte[] StreamToByteArray(Stream inStream, int limit) - { - return Streams.ReadAllLimited(inStream, limit); - } + internal static byte[] StreamToByteArray(Stream inStream, int limit) => Streams.ReadAllLimited(inStream, limit); internal static List<Asn1TaggedObject> GetAttributeCertificatesFromStore( IStore<X509V2AttributeCertificate> attrCertStore) 
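Review bot: `FixDigestAlgID` has no comment stating its rule, and it dereferences `algID` and `digestAlgIDFinder` without a check. The visible code treats absent parameters and an explicit `DerNull` alike and replaces the identifier with whatever the finder returns for that OID, while any other parameters are returned unchanged. A `/// <summary>` saying exactly that would help, since the result is what the `AddDigestAlgs` helpers added in CMSUtils.cs place into the digest-algorithm collection. It is also worth noting there that the returned identifier can differ in encoding from the one the signer originally carried.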
@@ -155,34 +149,63 @@ namespace Org.BouncyCastle.Cms return result; } + // TODO Clean up this method (which is not present in bc-java) + internal static void AddDigestAlgs(Asn1EncodableVector digestAlgs, SignerInformation signer, + DefaultDigestAlgorithmIdentifierFinder dgstAlgFinder) + { + var helper = CmsSignedHelper.Instance; + digestAlgs.Add(helper.FixDigestAlgID(signer.DigestAlgorithmID, dgstAlgFinder)); + SignerInformationStore counterSignaturesStore = signer.GetCounterSignatures(); + foreach (var counterSigner in counterSignaturesStore) + { + digestAlgs.Add(helper.FixDigestAlgID(counterSigner.DigestAlgorithmID, dgstAlgFinder)); + } + } + + internal static void AddDigestAlgs(ISet<AlgorithmIdentifier> digestAlgs, SignerInformation signer, + DefaultDigestAlgorithmIdentifierFinder dgstAlgFinder) + { + var helper = CmsSignedHelper.Instance; + digestAlgs.Add(helper.FixDigestAlgID(signer.DigestAlgorithmID, dgstAlgFinder)); + SignerInformationStore counterSignaturesStore = signer.GetCounterSignatures(); + foreach (var counterSigner in counterSignaturesStore) + { + digestAlgs.Add(helper.FixDigestAlgID(counterSigner.DigestAlgorithmID, dgstAlgFinder)); + } + } + + internal static Asn1Set ConvertToDLSet(ISet<AlgorithmIdentifier> digestAlgs) + { + Asn1EncodableVector v = new Asn1EncodableVector(digestAlgs.Count); + foreach (var digestAlg in digestAlgs) + { + v.Add(digestAlg); + } + return DLSet.FromVector(v); + } + internal static Asn1Set CreateBerSetFromList(IEnumerable<Asn1Encodable> elements) { Asn1EncodableVector v = new Asn1EncodableVector(); - foreach (Asn1Encodable element in elements) { v.Add(element); } - return BerSet.FromVector(v); } internal static Asn1Set CreateDerSetFromList(IEnumerable<Asn1Encodable> elements) { Asn1EncodableVector v = new Asn1EncodableVector(); - foreach (Asn1Encodable element in elements) { v.Add(element); } - return DerSet.FromVector(v); } - internal static TbsCertificateStructure GetTbsCertificateStructure(X509Certificate cert) - { - 
return cert.CertificateStructure.TbsCertificate; - } + internal static TbsCertificateStructure GetTbsCertificateStructure(X509Certificate cert) => + cert.CertificateStructure.TbsCertificate; internal static IssuerAndSerialNumber GetIssuerAndSerialNumber(X509Certificate cert) { diff --git a/crypto/src/cms/SignerInformation.cs b/crypto/src/cms/SignerInformation.cs index 24ba20037..488e3e425 100644 --- a/crypto/src/cms/SignerInformation.cs +++ b/crypto/src/cms/SignerInformation.cs @@ -393,7 +393,7 @@ namespace Org.BouncyCastle.Cms sig = Helper.GetSignatureInstance(signatureName); //sig = Helper.GetSignatureInstance(this.EncryptionAlgOid); - //sig = SignerUtilities.GetSigner(sigAlgOid); + //sig = Helper.GetSignatureInstance(sigAlgOid); } try @@ -599,7 +599,7 @@ namespace Org.BouncyCastle.Cms } else if (algorithm.Equals("DSA")) { - ISigner sig = SignerUtilities.GetSigner("NONEwithDSA"); + ISigner sig = Helper.GetSignatureInstance("NONEwithDSA"); sig.Init(false, key); diff --git a/crypto/src/security/SignerUtilities.cs b/crypto/src/security/SignerUtilities.cs index 917759a8e..918356450 100644 --- a/crypto/src/security/SignerUtilities.cs +++ b/crypto/src/security/SignerUtilities.cs @@ -726,7 +726,7 @@ namespace Org.BouncyCastle.Security return CollectionUtilities.GetValueOrNull(AlgorithmMap, oid.Id); } - // TODO Rename 'privateKey' to 'key' + // TODO[api] Rename 'privateKey' to 'key' public static ISigner InitSigner(DerObjectIdentifier algorithmOid, bool forSigning, AsymmetricKeyParameter privateKey, SecureRandom random) { @@ -736,7 +736,7 @@ namespace Org.BouncyCastle.Security return InitSigner(algorithmOid.Id, forSigning, privateKey, random); } - // TODO Rename 'privateKey' to 'key' + // TODO[api] Rename 'privateKey' to 'key' public static ISigner InitSigner(string algorithm, bool forSigning, AsymmetricKeyParameter privateKey, SecureRandom random) { |
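Review bot: The two `AddDigestAlgs` overloads have identical bodies apart from the collection type, and only the `ISet<AlgorithmIdentifier>` one de-duplicates. The `Asn1EncodableVector` overload appends one entry per signer and counter-signer, so repeated digest algorithms would be carried into whatever is built from the vector unless the caller filters them (callers are outside this hunk). Having the vector overload collect into a `HashSet<AlgorithmIdentifier>` first, or dropping it in favour of the set overload plus `ConvertToDLSet`, would address both the duplication the TODO mentions and the repeated entries. Both overloads walk only the direct counter-signatures of `signer`; whether nested counter-signatures should contribute their digest algorithms is worth confirming.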