diff options
26 files changed, 77 insertions, 102 deletions
diff --git a/crypto/src/cmp/ProtectedPkiMessage.cs b/crypto/src/cmp/ProtectedPkiMessage.cs index 770fe5443..738fd8ab3 100644 --- a/crypto/src/cmp/ProtectedPkiMessage.cs +++ b/crypto/src/cmp/ProtectedPkiMessage.cs @@ -104,14 +104,14 @@ namespace Org.BouncyCastle.Cmp /// <returns>true if the provider is able to create a verifier that validates the signature, false otherwise.</returns> public bool Verify(IVerifierFactory verifierFactory) { - IStreamCalculator streamCalculator = verifierFactory.CreateCalculator(); + IStreamCalculator<IVerifier> streamCalculator = verifierFactory.CreateCalculator(); - IVerifier result = (IVerifier)Process(streamCalculator); + IVerifier result = Process(streamCalculator); return result.IsVerified(pkiMessage.Protection.GetBytes()); } - private object Process(IStreamCalculator streamCalculator) + private TResult Process<TResult>(IStreamCalculator<TResult> streamCalculator) { Asn1EncodableVector avec = new Asn1EncodableVector(); avec.Add(pkiMessage.Header); @@ -141,7 +141,7 @@ namespace Org.BouncyCastle.Cmp pkMacBuilder.SetParameters(parameter); - IBlockResult result = (IBlockResult)Process(pkMacBuilder.Build(password).CreateCalculator()); + IBlockResult result = Process(pkMacBuilder.Build(password).CreateCalculator()); return Arrays.ConstantTimeAreEqual(result.Collect(), this.pkiMessage.Protection.GetBytes()); } diff --git a/crypto/src/cmp/ProtectedPkiMessageBuilder.cs b/crypto/src/cmp/ProtectedPkiMessageBuilder.cs index 6440c3f4e..8573d1fc8 100644 --- a/crypto/src/cmp/ProtectedPkiMessageBuilder.cs +++ b/crypto/src/cmp/ProtectedPkiMessageBuilder.cs @@ -92,7 +92,7 @@ namespace Org.BouncyCastle.Cmp if (null == body) throw new InvalidOperationException("body must be set before building"); - IStreamCalculator calculator = signatureFactory.CreateCalculator(); + IStreamCalculator<IBlockResult> calculator = signatureFactory.CreateCalculator(); if (!(signatureFactory.AlgorithmDetails is AlgorithmIdentifier)) { @@ -110,7 +110,7 @@ namespace Org.BouncyCastle.Cmp if (null == body) throw new InvalidOperationException("body must be set before building"); - IStreamCalculator calculator = factory.CreateCalculator(); + IStreamCalculator<IBlockResult> calculator = factory.CreateCalculator(); FinalizeHeader((AlgorithmIdentifier)factory.AlgorithmDetails); PkiHeader header = hdrBuilBuilder.Build(); DerBitString protection = new DerBitString(CalculateSignature(calculator, header, body)); @@ -128,40 +128,23 @@ namespace Org.BouncyCastle.Cmp private ProtectedPkiMessage FinalizeMessage(PkiHeader header, DerBitString protection) { - if (extraCerts.Count > 0) + if (extraCerts.Count < 1) + return new ProtectedPkiMessage(new PkiMessage(header, body, protection)); + + CmpCertificate[] cmpCertificates = new CmpCertificate[extraCerts.Count]; + for (int i = 0; i < cmpCertificates.Length; i++) { - CmpCertificate[] cmpCertificates = new CmpCertificate[extraCerts.Count]; - for (int i = 0; i < cmpCertificates.Length; i++) - { - byte[] cert = extraCerts[i].GetEncoded(); - cmpCertificates[i] = CmpCertificate.GetInstance(Asn1Object.FromByteArray(cert)); - } - - return new ProtectedPkiMessage(new PkiMessage(header, body, protection, cmpCertificates)); + byte[] cert = extraCerts[i].GetEncoded(); + cmpCertificates[i] = CmpCertificate.GetInstance(Asn1Object.FromByteArray(cert)); } - return new ProtectedPkiMessage(new PkiMessage(header, body, protection)); + return new ProtectedPkiMessage(new PkiMessage(header, body, protection, cmpCertificates)); } - private byte[] CalculateSignature(IStreamCalculator signer, PkiHeader header, PkiBody body) + private byte[] CalculateSignature(IStreamCalculator<IBlockResult> signer, PkiHeader header, PkiBody body) { new DerSequence(header, body).EncodeTo(signer.Stream); - object result = signer.GetResult(); - - if (result is DefaultSignatureResult sigResult) - { - return sigResult.Collect(); - } - else if (result is IBlockResult blockResult) - { - return blockResult.Collect(); - } - else if (result is byte[] bytesResult) - { - return bytesResult; - } - - throw new InvalidOperationException("result is not byte[] or DefaultSignatureResult"); + return signer.GetResult().Collect(); } } } diff --git a/crypto/src/cms/CMSSignedDataGenerator.cs b/crypto/src/cms/CMSSignedDataGenerator.cs index 3a612a635..c2304a09b 100644 --- a/crypto/src/cms/CMSSignedDataGenerator.cs +++ b/crypto/src/cms/CMSSignedDataGenerator.cs @@ -133,7 +133,7 @@ namespace Org.BouncyCastle.Cms Asn1Set signedAttr = null; - IStreamCalculator calculator = sigCalc.CreateCalculator(); + IStreamCalculator<IBlockResult> calculator = sigCalc.CreateCalculator(); using (Stream sigStr = calculator.Stream) { if (sAttr != null) @@ -165,7 +165,7 @@ namespace Org.BouncyCastle.Cms } } - byte[] sigBytes = ((IBlockResult)calculator.GetResult()).Collect(); + byte[] sigBytes = calculator.GetResult().Collect(); Asn1Set unsignedAttr = null; if (unsAttr != null) diff --git a/crypto/src/crmf/CertificateRequestMessage.cs b/crypto/src/crmf/CertificateRequestMessage.cs index c733eecbb..0a246aaa4 100644 --- a/crypto/src/crmf/CertificateRequestMessage.cs +++ b/crypto/src/crmf/CertificateRequestMessage.cs @@ -190,7 +190,7 @@ namespace Org.BouncyCastle.Crmf private bool verifySignature(IVerifierFactoryProvider verifierFactoryProvider, PopoSigningKey signKey) { IVerifierFactory verifer; - IStreamCalculator calculator; + IStreamCalculator<IVerifier> calculator; try { verifer = verifierFactoryProvider.CreateVerifierFactory(signKey.AlgorithmIdentifier); @@ -212,7 +212,7 @@ namespace Org.BouncyCastle.Crmf calculator.Stream.Write(b, 0, b.Length); } - DefaultVerifierResult result = (DefaultVerifierResult)calculator.GetResult(); + IVerifier result = calculator.GetResult(); return result.IsVerified(signKey.Signature.GetBytes()); } diff --git a/crypto/src/crmf/PKMacBuilder.cs b/crypto/src/crmf/PKMacBuilder.cs index 9b483fbfb..bce26b825 100644 --- a/crypto/src/crmf/PKMacBuilder.cs +++ b/crypto/src/crmf/PKMacBuilder.cs @@ -15,7 +15,7 @@ using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Crmf { internal class PKMacStreamCalculator - : IStreamCalculator + : IStreamCalculator<DefaultPKMacResult> { private readonly MacSink _stream; @@ -29,7 +29,7 @@ namespace Org.BouncyCastle.Crmf get { return _stream; } } - public object GetResult() + public DefaultPKMacResult GetResult() { return new DefaultPKMacResult(_stream.Mac); } @@ -52,7 +52,7 @@ namespace Org.BouncyCastle.Crmf get { return new AlgorithmIdentifier(CmpObjectIdentifiers.passwordBasedMac, parameters); } } - public virtual IStreamCalculator CreateCalculator() + public virtual IStreamCalculator<IBlockResult> CreateCalculator() { IMac mac = MacUtilities.GetMac(parameters.Mac.Algorithm); mac.Init(new KeyParameter(key)); diff --git a/crypto/src/crmf/ProofOfPossessionSigningKeyBuilder.cs b/crypto/src/crmf/ProofOfPossessionSigningKeyBuilder.cs index 50c2ea65c..eed66b083 100644 --- a/crypto/src/crmf/ProofOfPossessionSigningKeyBuilder.cs +++ b/crypto/src/crmf/ProofOfPossessionSigningKeyBuilder.cs @@ -38,7 +38,7 @@ namespace Org.BouncyCastle.Crmf { IMacFactory fact = generator.Build(password); - IStreamCalculator calc = fact.CreateCalculator(); + IStreamCalculator<IBlockResult> calc = fact.CreateCalculator(); byte[] d = _pubKeyInfo.GetDerEncoded(); calc.Stream.Write(d, 0, d.Length); calc.Stream.Flush(); @@ -46,7 +46,7 @@ namespace Org.BouncyCastle.Crmf this._publicKeyMAC = new PKMacValue( (AlgorithmIdentifier)fact.AlgorithmDetails, - new DerBitString(((IBlockResult)calc.GetResult()).Collect())); + new DerBitString(calc.GetResult().Collect())); return this; } @@ -60,7 +60,7 @@ namespace Org.BouncyCastle.Crmf PopoSigningKeyInput popo; - IStreamCalculator calc = signer.CreateCalculator(); + IStreamCalculator<IBlockResult> calc = signer.CreateCalculator(); using (Stream sigStream = calc.Stream) { if (_certRequest != null) @@ -80,7 +80,7 @@ namespace Org.BouncyCastle.Crmf } } - var signature = ((IBlockResult)calc.GetResult()).Collect(); + var signature = calc.GetResult().Collect(); return new PopoSigningKey(popo, (AlgorithmIdentifier)signer.AlgorithmDetails, new DerBitString(signature)); } diff --git a/crypto/src/crypto/IDigestFactory.cs b/crypto/src/crypto/IDigestFactory.cs index eedac14e4..33d8f0974 100644 --- a/crypto/src/crypto/IDigestFactory.cs +++ b/crypto/src/crypto/IDigestFactory.cs @@ -20,6 +20,6 @@ namespace Org.BouncyCastle.Crypto /// and producing the digest block. /// </summary> /// <returns>A calculator producing an IBlockResult with the final digest in it.</returns> - IStreamCalculator CreateCalculator(); + IStreamCalculator<IBlockResult> CreateCalculator(); } } diff --git a/crypto/src/crypto/IMacFactory.cs b/crypto/src/crypto/IMacFactory.cs index 9180ef1ea..49ace39d5 100644 --- a/crypto/src/crypto/IMacFactory.cs +++ b/crypto/src/crypto/IMacFactory.cs @@ -13,6 +13,6 @@ namespace Org.BouncyCastle.Crypto /// and producing the signature block. /// </summary> /// <returns>A calculator producing an IBlockResult with a signature in it.</returns> - IStreamCalculator CreateCalculator(); + IStreamCalculator<IBlockResult> CreateCalculator(); } } diff --git a/crypto/src/crypto/ISignatureFactory.cs b/crypto/src/crypto/ISignatureFactory.cs index 1186d85a6..c161d84da 100644 --- a/crypto/src/crypto/ISignatureFactory.cs +++ b/crypto/src/crypto/ISignatureFactory.cs @@ -16,7 +16,7 @@ namespace Org.BouncyCastle.Crypto /// and producing the signature block. /// </summary> /// <returns>A calculator producing an IBlockResult with a signature in it.</returns> - IStreamCalculator CreateCalculator(); + IStreamCalculator<IBlockResult> CreateCalculator(); } } diff --git a/crypto/src/crypto/IStreamCalculator.cs b/crypto/src/crypto/IStreamCalculator.cs index 502b29d2d..2161b5f4d 100644 --- a/crypto/src/crypto/IStreamCalculator.cs +++ b/crypto/src/crypto/IStreamCalculator.cs @@ -1,5 +1,4 @@ -using System; -using System.IO; +using System.IO; namespace Org.BouncyCastle.Crypto { @@ -7,7 +6,7 @@ namespace Org.BouncyCastle.Crypto /// Base interface for cryptographic operations such as Hashes, MACs, and Signatures which reduce a stream of data /// to a single value. /// </summary> - public interface IStreamCalculator + public interface IStreamCalculator<out TResult> { /// <summary>Return a "sink" stream which only exists to update the implementing object.</summary> /// <returns>A stream to write to in order to update the implementing object.</returns> @@ -18,6 +17,6 @@ namespace Org.BouncyCastle.Crypto /// has been closed. /// </summary> /// <returns>The result of processing the stream.</returns> - object GetResult(); + TResult GetResult(); } } diff --git a/crypto/src/crypto/IVerifierFactory.cs b/crypto/src/crypto/IVerifierFactory.cs index 707c72111..e6c6bc9af 100644 --- a/crypto/src/crypto/IVerifierFactory.cs +++ b/crypto/src/crypto/IVerifierFactory.cs @@ -16,6 +16,6 @@ namespace Org.BouncyCastle.Crypto /// and producing a result which can be used to verify the original signature. /// </summary> /// <returns>A calculator producing an IVerifier which can verify the signature.</returns> - IStreamCalculator CreateCalculator(); + IStreamCalculator<IVerifier> CreateCalculator(); } } diff --git a/crypto/src/crypto/operators/Asn1DigestFactory.cs b/crypto/src/crypto/operators/Asn1DigestFactory.cs index 16bd33fdf..0c1b6fb41 100644 --- a/crypto/src/crypto/operators/Asn1DigestFactory.cs +++ b/crypto/src/crypto/operators/Asn1DigestFactory.cs @@ -8,7 +8,8 @@ using Org.BouncyCastle.Security; namespace Org.BouncyCastle.Crypto.Operators { - public class Asn1DigestFactory : IDigestFactory + public class Asn1DigestFactory + : IDigestFactory { public static Asn1DigestFactory Get(DerObjectIdentifier oid) { @@ -40,13 +41,14 @@ namespace Org.BouncyCastle.Crypto.Operators get { return mDigest.GetDigestSize(); } } - public virtual IStreamCalculator CreateCalculator() + public virtual IStreamCalculator<IBlockResult> CreateCalculator() { return new DfDigestStream(mDigest); } } - internal class DfDigestStream : IStreamCalculator + internal class DfDigestStream + : IStreamCalculator<SimpleBlockResult> { private readonly DigestSink mStream; @@ -60,7 +62,7 @@ namespace Org.BouncyCastle.Crypto.Operators get { return mStream; } } - public object GetResult() + public SimpleBlockResult GetResult() { byte[] result = new byte[mStream.Digest.GetDigestSize()]; mStream.Digest.DoFinal(result, 0); diff --git a/crypto/src/crypto/operators/Asn1Signature.cs b/crypto/src/crypto/operators/Asn1Signature.cs index 674e717b1..db2d0759e 100644 --- a/crypto/src/crypto/operators/Asn1Signature.cs +++ b/crypto/src/crypto/operators/Asn1Signature.cs @@ -306,7 +306,7 @@ namespace Org.BouncyCastle.Crypto.Operators get { return this.algID; } } - public IStreamCalculator CreateCalculator() + public IStreamCalculator<IBlockResult> CreateCalculator() { ISigner signer = SignerUtilities.InitSigner(algorithm, true, privateKey, random); @@ -363,9 +363,8 @@ namespace Org.BouncyCastle.Crypto.Operators get { return this.algID; } } - public IStreamCalculator CreateCalculator() + public IStreamCalculator<IVerifier> CreateCalculator() { - ISigner verifier = SignerUtilities.InitSigner(X509Utilities.GetSignatureName(algID), false, publicKey, null); return new DefaultVerifierCalculator(verifier); diff --git a/crypto/src/crypto/operators/DefaultSignatureCalculator.cs b/crypto/src/crypto/operators/DefaultSignatureCalculator.cs index 8ca1c01d9..851662622 100644 --- a/crypto/src/crypto/operators/DefaultSignatureCalculator.cs +++ b/crypto/src/crypto/operators/DefaultSignatureCalculator.cs @@ -6,7 +6,7 @@ using Org.BouncyCastle.Crypto.IO; namespace Org.BouncyCastle.Crypto.Operators { public class DefaultSignatureCalculator - : IStreamCalculator + : IStreamCalculator<IBlockResult> { private readonly SignerSink mSignerSink; @@ -20,7 +20,7 @@ namespace Org.BouncyCastle.Crypto.Operators get { return mSignerSink; } } - public object GetResult() + public IBlockResult GetResult() { return new DefaultSignatureResult(mSignerSink.Signer); } diff --git a/crypto/src/crypto/operators/DefaultVerifierCalculator.cs b/crypto/src/crypto/operators/DefaultVerifierCalculator.cs index c985e81a5..cbf4e77d6 100644 --- a/crypto/src/crypto/operators/DefaultVerifierCalculator.cs +++ b/crypto/src/crypto/operators/DefaultVerifierCalculator.cs @@ -6,7 +6,7 @@ using Org.BouncyCastle.Crypto.IO; namespace Org.BouncyCastle.Crypto.Operators { public class DefaultVerifierCalculator - : IStreamCalculator + : IStreamCalculator<IVerifier> { private readonly SignerSink mSignerSink; @@ -20,7 +20,7 @@ namespace Org.BouncyCastle.Crypto.Operators get { return mSignerSink; } } - public object GetResult() + public IVerifier GetResult() { return new DefaultVerifierResult(mSignerSink.Signer); } diff --git a/crypto/src/ocsp/BasicOCSPRespGenerator.cs b/crypto/src/ocsp/BasicOCSPRespGenerator.cs index 63d577404..6cbba997d 100644 --- a/crypto/src/ocsp/BasicOCSPRespGenerator.cs +++ b/crypto/src/ocsp/BasicOCSPRespGenerator.cs @@ -193,13 +193,13 @@ namespace Org.BouncyCastle.Ocsp try { - IStreamCalculator streamCalculator = signatureCalculator.CreateCalculator(); + IStreamCalculator<IBlockResult> streamCalculator = signatureCalculator.CreateCalculator(); using (Stream sigStream = streamCalculator.Stream) { tbsResp.EncodeTo(sigStream, Asn1Encodable.Der); } - bitSig = new DerBitString(((IBlockResult)streamCalculator.GetResult()).Collect()); + bitSig = new DerBitString(streamCalculator.GetResult().Collect()); } catch (Exception e) { diff --git a/crypto/src/pkcs/Pkcs10CertificationRequest.cs b/crypto/src/pkcs/Pkcs10CertificationRequest.cs index be4cbb570..59b5b51ed 100644 --- a/crypto/src/pkcs/Pkcs10CertificationRequest.cs +++ b/crypto/src/pkcs/Pkcs10CertificationRequest.cs @@ -281,14 +281,14 @@ namespace Org.BouncyCastle.Pkcs this.reqInfo = new CertificationRequestInfo(subject, pubInfo, attributes); - IStreamCalculator streamCalculator = signatureFactory.CreateCalculator(); + IStreamCalculator<IBlockResult> streamCalculator = signatureFactory.CreateCalculator(); using (Stream sigStream = streamCalculator.Stream) { reqInfo.EncodeTo(sigStream, Der); } // Generate Signature. - sigBits = new DerBitString(((IBlockResult)streamCalculator.GetResult()).Collect()); + sigBits = new DerBitString(streamCalculator.GetResult().Collect()); } // internal Pkcs10CertificationRequest( @@ -344,13 +344,13 @@ namespace Org.BouncyCastle.Pkcs { byte[] b = reqInfo.GetDerEncoded(); - IStreamCalculator streamCalculator = verifier.CreateCalculator(); + IStreamCalculator<IVerifier> streamCalculator = verifier.CreateCalculator(); streamCalculator.Stream.Write(b, 0, b.Length); Platform.Dispose(streamCalculator.Stream); - return ((IVerifier)streamCalculator.GetResult()).IsVerified(sigBits.GetOctets()); + return streamCalculator.GetResult().IsVerified(sigBits.GetOctets()); } catch (Exception e) { diff --git a/crypto/src/tsp/TimeStampTokenGenerator.cs b/crypto/src/tsp/TimeStampTokenGenerator.cs index 0d6d102d3..79b8c6a3a 100644 --- a/crypto/src/tsp/TimeStampTokenGenerator.cs +++ b/crypto/src/tsp/TimeStampTokenGenerator.cs @@ -80,7 +80,7 @@ namespace Org.BouncyCastle.Tsp try { - IStreamCalculator calculator = digestCalculator.CreateCalculator(); + IStreamCalculator<IBlockResult> calculator = digestCalculator.CreateCalculator(); Stream stream = calculator.Stream; byte[] certEnc = assocCert.GetEncoded(); stream.Write(certEnc, 0, certEnc.Length); @@ -90,7 +90,7 @@ namespace Org.BouncyCastle.Tsp if (((AlgorithmIdentifier)digestCalculator.AlgorithmDetails).Algorithm.Equals(OiwObjectIdentifiers.IdSha1)) { EssCertID essCertID = new EssCertID( - ((IBlockResult)calculator.GetResult()).Collect(), + calculator.GetResult().Collect(), isIssuerSerialIncluded ? new IssuerSerial( new GeneralNames( @@ -107,7 +107,7 @@ namespace Org.BouncyCastle.Tsp ((AlgorithmIdentifier)digestCalculator.AlgorithmDetails).Algorithm); EssCertIDv2 essCertID = new EssCertIDv2( - ((IBlockResult)calculator.GetResult()).Collect(), + calculator.GetResult().Collect(), isIssuerSerialIncluded ? new IssuerSerial( new GeneralNames( diff --git a/crypto/src/x509/X509Certificate.cs b/crypto/src/x509/X509Certificate.cs index 75efdfbb1..627903e1f 100644 --- a/crypto/src/x509/X509Certificate.cs +++ b/crypto/src/x509/X509Certificate.cs @@ -682,7 +682,7 @@ namespace Org.BouncyCastle.X509 Asn1Encodable parameters = c.SignatureAlgorithm.Parameters; - IStreamCalculator streamCalculator = verifier.CreateCalculator(); + IStreamCalculator<IVerifier> streamCalculator = verifier.CreateCalculator(); byte[] b = this.GetTbsCertificate(); @@ -690,10 +690,8 @@ namespace Org.BouncyCastle.X509 Platform.Dispose(streamCalculator.Stream); - if (!((IVerifier)streamCalculator.GetResult()).IsVerified(this.GetSignature())) - { + if (!streamCalculator.GetResult().IsVerified(this.GetSignature())) throw new InvalidKeyException("Public key presented not for certificate signature"); - } } private CachedEncoding GetCachedEncoding() diff --git a/crypto/src/x509/X509Crl.cs b/crypto/src/x509/X509Crl.cs index 60660aab0..265c2293c 100644 --- a/crypto/src/x509/X509Crl.cs +++ b/crypto/src/x509/X509Crl.cs @@ -126,14 +126,13 @@ namespace Org.BouncyCastle.X509 protected virtual void CheckSignature( IVerifierFactory verifier) { + // TODO Compare IsAlgIDEqual in X509Certificate.CheckSignature if (!c.SignatureAlgorithm.Equals(c.TbsCertList.Signature)) - { throw new CrlException("Signature algorithm on CertificateList does not match TbsCertList."); - } Asn1Encodable parameters = c.SignatureAlgorithm.Parameters; - IStreamCalculator streamCalculator = verifier.CreateCalculator(); + IStreamCalculator<IVerifier> streamCalculator = verifier.CreateCalculator(); byte[] b = this.GetTbsCertList(); @@ -141,10 +140,8 @@ namespace Org.BouncyCastle.X509 Platform.Dispose(streamCalculator.Stream); - if (!((IVerifier)streamCalculator.GetResult()).IsVerified(this.GetSignature())) - { + if (!streamCalculator.GetResult().IsVerified(this.GetSignature())) throw new InvalidKeyException("CRL does not verify with supplied public key."); - } } public virtual int Version diff --git a/crypto/src/x509/X509V1CertificateGenerator.cs b/crypto/src/x509/X509V1CertificateGenerator.cs index 01c155b5d..d95f522e8 100644 --- a/crypto/src/x509/X509V1CertificateGenerator.cs +++ b/crypto/src/x509/X509V1CertificateGenerator.cs @@ -124,13 +124,13 @@ namespace Org.BouncyCastle.X509 TbsCertificateStructure tbsCert = tbsGen.GenerateTbsCertificate(); - IStreamCalculator streamCalculator = signatureFactory.CreateCalculator(); + IStreamCalculator<IBlockResult> streamCalculator = signatureFactory.CreateCalculator(); using (Stream sigStream = streamCalculator.Stream) { tbsCert.EncodeTo(sigStream, Asn1Encodable.Der); } - var signature = ((IBlockResult)streamCalculator.GetResult()).Collect(); + var signature = streamCalculator.GetResult().Collect(); return new X509Certificate( new X509CertificateStructure(tbsCert, sigAlgID, new DerBitString(signature))); diff --git a/crypto/src/x509/X509V2AttributeCertificate.cs b/crypto/src/x509/X509V2AttributeCertificate.cs index 8c6ff0062..fbb4fe20f 100644 --- a/crypto/src/x509/X509V2AttributeCertificate.cs +++ b/crypto/src/x509/X509V2AttributeCertificate.cs @@ -182,12 +182,11 @@ namespace Org.BouncyCastle.X509 protected virtual void CheckSignature( IVerifierFactory verifier) { + // TODO Compare IsAlgIDEqual in X509Certificate.CheckSignature if (!cert.SignatureAlgorithm.Equals(cert.ACInfo.Signature)) - { throw new CertificateException("Signature algorithm in certificate info not same as outer certificate"); - } - IStreamCalculator streamCalculator = verifier.CreateCalculator(); + IStreamCalculator<IVerifier> streamCalculator = verifier.CreateCalculator(); try { @@ -202,10 +201,8 @@ namespace Org.BouncyCastle.X509 throw new SignatureException("Exception encoding certificate info object", e); } - if (!((IVerifier)streamCalculator.GetResult()).IsVerified(this.GetSignature())) - { + if (!streamCalculator.GetResult().IsVerified(this.GetSignature())) throw new InvalidKeyException("Public key presented not for certificate signature"); - } } public virtual byte[] GetEncoded() diff --git a/crypto/src/x509/X509V2AttributeCertificateGenerator.cs b/crypto/src/x509/X509V2AttributeCertificateGenerator.cs index 3e1a58e49..1cb239e87 100644 --- a/crypto/src/x509/X509V2AttributeCertificateGenerator.cs +++ b/crypto/src/x509/X509V2AttributeCertificateGenerator.cs @@ -119,13 +119,13 @@ namespace Org.BouncyCastle.X509 AttributeCertificateInfo acInfo = acInfoGen.GenerateAttributeCertificateInfo(); - IStreamCalculator streamCalculator = signatureFactory.CreateCalculator(); + IStreamCalculator<IBlockResult> streamCalculator = signatureFactory.CreateCalculator(); using (Stream sigStream = streamCalculator.Stream) { acInfo.EncodeTo(sigStream, Asn1Encodable.Der); } - var signature = ((IBlockResult)streamCalculator.GetResult()).Collect(); + var signature = streamCalculator.GetResult().Collect(); return new X509V2AttributeCertificate( new AttributeCertificate(acInfo, sigAlgID, new DerBitString(signature))); diff --git a/crypto/src/x509/X509V2CRLGenerator.cs b/crypto/src/x509/X509V2CRLGenerator.cs index e386ee8f2..dc3f8c662 100644 --- a/crypto/src/x509/X509V2CRLGenerator.cs +++ b/crypto/src/x509/X509V2CRLGenerator.cs @@ -186,13 +186,13 @@ namespace Org.BouncyCastle.X509 TbsCertificateList tbsCertList = tbsGen.GenerateTbsCertList(); - IStreamCalculator streamCalculator = signatureFactory.CreateCalculator(); + IStreamCalculator<IBlockResult> streamCalculator = signatureFactory.CreateCalculator(); using (Stream sigStream = streamCalculator.Stream) { tbsCertList.EncodeTo(sigStream, Asn1Encodable.Der); } - var signature = ((IBlockResult)streamCalculator.GetResult()).Collect(); + var signature = streamCalculator.GetResult().Collect(); return new X509Crl( CertificateList.GetInstance(new DerSequence(tbsCertList, sigAlgID, new DerBitString(signature)))); diff --git a/crypto/src/x509/X509V3CertificateGenerator.cs b/crypto/src/x509/X509V3CertificateGenerator.cs index 50e3fc689..1854ac3b4 100644 --- a/crypto/src/x509/X509V3CertificateGenerator.cs +++ b/crypto/src/x509/X509V3CertificateGenerator.cs @@ -259,13 +259,13 @@ namespace Org.BouncyCastle.X509 TbsCertificateStructure tbsCert = tbsGen.GenerateTbsCertificate(); - IStreamCalculator streamCalculator = signatureFactory.CreateCalculator(); + IStreamCalculator<IBlockResult> streamCalculator = signatureFactory.CreateCalculator(); using (Stream sigStream = streamCalculator.Stream) { tbsCert.EncodeTo(sigStream, Asn1Encodable.Der); } - var signature = ((IBlockResult)streamCalculator.GetResult()).Collect(); + var signature = streamCalculator.GetResult().Collect(); return new X509Certificate(new X509CertificateStructure(tbsCert, sigAlgID, new DerBitString(signature))); } diff --git a/crypto/test/src/tsp/test/NewTspTest.cs b/crypto/test/src/tsp/test/NewTspTest.cs index 01dbc0e13..c98e5d191 100644 --- a/crypto/test/src/tsp/test/NewTspTest.cs +++ b/crypto/test/src/tsp/test/NewTspTest.cs @@ -642,27 +642,27 @@ namespace Org.BouncyCastle.Tsp.Tests { Asn1DigestFactory digCalc = Asn1DigestFactory.Get(OiwObjectIdentifiers.IdSha1); - IStreamCalculator calc = digCalc.CreateCalculator(); + var calc = digCalc.CreateCalculator(); using (Stream s = calc.Stream) { byte[] crt = cert.GetEncoded(); s.Write(crt, 0, crt.Length); } - certHash = ((SimpleBlockResult)calc.GetResult()).Collect(); + certHash = calc.GetResult().Collect(); } { Asn1DigestFactory digCalc = Asn1DigestFactory.Get(NistObjectIdentifiers.IdSha256); - IStreamCalculator calc = digCalc.CreateCalculator(); + var calc = digCalc.CreateCalculator(); using (Stream s = calc.Stream) { byte[] crt = cert.GetEncoded(); s.Write(crt, 0, crt.Length); } - certHash256 = ((SimpleBlockResult)calc.GetResult()).Collect(); + certHash256 = calc.GetResult().Collect(); } @@ -772,14 +772,14 @@ namespace Org.BouncyCastle.Tsp.Tests Assert.NotNull(table[PkcsObjectIdentifiers.IdAASigningCertificateV2]); Asn1DigestFactory digCalc = Asn1DigestFactory.Get(NistObjectIdentifiers.IdSha256); - IStreamCalculator calc = digCalc.CreateCalculator(); + var calc = digCalc.CreateCalculator(); using (Stream s = calc.Stream) { byte[] crt = cert.GetEncoded(); s.Write(crt, 0, crt.Length); } - byte[] certHash = ((SimpleBlockResult)calc.GetResult()).Collect(); + byte[] certHash = calc.GetResult().Collect(); SigningCertificateV2 sigCertV2 = SigningCertificateV2.GetInstance(table[PkcsObjectIdentifiers.IdAASigningCertificateV2].AttrValues[0]); |