diff --git a/crypto/src/security/CipherUtilities.cs b/crypto/src/security/CipherUtilities.cs
index cdb711f69..3217f3183 100644
--- a/crypto/src/security/CipherUtilities.cs
+++ b/crypto/src/security/CipherUtilities.cs
@@ -54,6 +54,10 @@ namespace Org.BouncyCastle.Security
SERPENT,
SKIPJACK,
TEA,
+ THREEFISH_256,
+ THREEFISH_512,
+ THREEFISH_1024,
+ TNEPRES,
TWOFISH,
VMPC,
VMPC_KSA3,
@@ -278,9 +282,9 @@ namespace Org.BouncyCastle.Security
- if (algorithm.StartsWith("PBE"))
+ if (Platform.StartsWith(algorithm, "PBE"))
{
- if (algorithm.EndsWith("-CBC"))
+ if (Platform.EndsWith(algorithm, "-CBC"))
{
if (algorithm == "PBEWITHSHA1ANDDES-CBC")
{
@@ -305,7 +309,7 @@ namespace Org.BouncyCastle.Security
new CbcBlockCipher(new RC2Engine()));
}
}
- else if (algorithm.EndsWith("-BC") || algorithm.EndsWith("-OPENSSL"))
+ else if (Platform.EndsWith(algorithm, "-BC") || Platform.EndsWith(algorithm, "-OPENSSL"))
{
if (Strings.IsOneOf(algorithm,
"PBEWITHSHAAND128BITAES-CBC-BC",
@@ -432,6 +436,18 @@ namespace Org.BouncyCastle.Security
case CipherAlgorithm.TEA:
blockCipher = new TeaEngine();
break;
+ case CipherAlgorithm.THREEFISH_256:
+ blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_256);
+ break;
+ case CipherAlgorithm.THREEFISH_512:
+ blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512);
+ break;
+ case CipherAlgorithm.THREEFISH_1024:
+ blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_1024);
+ break;
+ case CipherAlgorithm.TNEPRES:
+ blockCipher = new TnepresEngine();
+ break;
case CipherAlgorithm.TWOFISH:
blockCipher = new TwofishEngine();
break;
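Review bot: The four engine mappings added in this switch (`THREEFISH_256`, `THREEFISH_512`, `THREEFISH_1024`, `TNEPRES`) are repeated in the single-line switch of the next hunk (`case CipherAlgorithm.THREEFISH_256: return new ThreefishEngine(...)`), so the two lists can drift apart when another cipher is added. If that later switch belongs to a helper returning the block cipher (its method header is outside both hunks), this switch could delegate its block-cipher cases to it rather than restating them. It is also worth a test that modes defined only for 128-bit blocks reject the 256/512/1024-bit Threefish engines with a clear error, since the mode handling that consumes `blockCipher` is not visible here.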
@@ -725,6 +741,10 @@ namespace Org.BouncyCastle.Security
case CipherAlgorithm.SERPENT: return new SerpentEngine();
case CipherAlgorithm.SKIPJACK: return new SkipjackEngine();
case CipherAlgorithm.TEA: return new TeaEngine();
+ case CipherAlgorithm.THREEFISH_256: return new ThreefishEngine(ThreefishEngine.BLOCKSIZE_256);
+ case CipherAlgorithm.THREEFISH_512: return new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512);
+ case CipherAlgorithm.THREEFISH_1024: return new ThreefishEngine(ThreefishEngine.BLOCKSIZE_1024);
+ case CipherAlgorithm.TNEPRES: return new TnepresEngine();
case CipherAlgorithm.TWOFISH: return new TwofishEngine();
case CipherAlgorithm.XTEA: return new XteaEngine();
default:
diff --git a/crypto/src/security/GeneratorUtilities.cs b/crypto/src/security/GeneratorUtilities.cs
index 45fbc9425..3beebd05b 100644
--- a/crypto/src/security/GeneratorUtilities.cs
+++ b/crypto/src/security/GeneratorUtilities.cs
@@ -109,6 +109,10 @@ namespace Org.BouncyCastle.Security
AddKgAlgorithm("SERPENT");
AddKgAlgorithm("SKIPJACK");
AddKgAlgorithm("TEA");
+ AddKgAlgorithm("THREEFISH-256");
+ AddKgAlgorithm("THREEFISH-512");
+ AddKgAlgorithm("THREEFISH-1024");
+ AddKgAlgorithm("TNEPRES");
AddKgAlgorithm("TWOFISH");
AddKgAlgorithm("VMPC");
AddKgAlgorithm("VMPC-KSA3");
@@ -178,14 +182,13 @@ namespace Org.BouncyCastle.Security
"RC2", "RC4", "RC5", "SALSA20", "SEED", "TEA", "XTEA", "VMPC", "VMPC-KSA3");
AddDefaultKeySizeEntries(160, "HMACRIPEMD160", "HMACSHA1");
AddDefaultKeySizeEntries(192, "AES", "AES192", "CAMELLIA192", "DESEDE3", "HMACTIGER",
- "RIJNDAEL", "SERPENT");
- AddDefaultKeySizeEntries(224, "HMACSHA224");
+ "RIJNDAEL", "SERPENT", "TNEPRES");
+ AddDefaultKeySizeEntries(224, "HMACSHA224", "HMACSHA512/224");
AddDefaultKeySizeEntries(256, "AES256", "CAMELLIA", "CAMELLIA256", "CAST6", "GOST28147",
- "HC256", "HMACSHA256", "RC5-64", "RC6", "TWOFISH");
+ "HC256", "HMACSHA256", "HMACSHA512/256", "RC5-64", "RC6", "THREEFISH-256", "TWOFISH");
AddDefaultKeySizeEntries(384, "HMACSHA384");
- AddDefaultKeySizeEntries(512, "HMACSHA512");
- AddDefaultKeySizeEntries(224, "HMACSHA512/224");
- AddDefaultKeySizeEntries(256, "HMACSHA512/256");
+ AddDefaultKeySizeEntries(512, "HMACSHA512", "THREEFISH-512");
+ AddDefaultKeySizeEntries(1024, "THREEFISH-1024");
}
private static void AddDefaultKeySizeEntries(int size, params string[] algorithms)
@@ -299,7 +302,7 @@ namespace Org.BouncyCastle.Security
return new DsaKeyPairGenerator();
// "EC", "ECDH", "ECDHC", "ECDSA", "ECGOST3410", "ECMQV"
- if (canonicalName.StartsWith("EC"))
+ if (Platform.StartsWith(canonicalName, "EC"))
return new ECKeyPairGenerator(canonicalName);
if (canonicalName == "ELGAMAL")
diff --git a/crypto/src/security/MacUtilities.cs b/crypto/src/security/MacUtilities.cs
index d7fe91142..fab9b1d41 100644
--- a/crypto/src/security/MacUtilities.cs
+++ b/crypto/src/security/MacUtilities.cs
@@ -1,4 +1,6 @@
+using System;
using System.Collections;
+using System.Globalization;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Iana;
@@ -112,15 +114,15 @@ namespace Org.BouncyCastle.Security
mechanism = upper;
}
- if (mechanism.StartsWith("PBEWITH"))
+ if (Platform.StartsWith(mechanism, "PBEWITH"))
{
mechanism = mechanism.Substring("PBEWITH".Length);
}
- if (mechanism.StartsWith("HMAC"))
+ if (Platform.StartsWith(mechanism, "HMAC"))
{
string digestName;
- if (mechanism.StartsWith("HMAC-") || mechanism.StartsWith("HMAC/"))
+ if (Platform.StartsWith(mechanism, "HMAC-") || Platform.StartsWith(mechanism, "HMAC/"))
{
digestName = mechanism.Substring(5);
}
diff --git a/crypto/src/security/ParameterUtilities.cs b/crypto/src/security/ParameterUtilities.cs
index b2d7c0dff..c12155878 100644
--- a/crypto/src/security/ParameterUtilities.cs
+++ b/crypto/src/security/ParameterUtilities.cs
@@ -104,6 +104,10 @@ namespace Org.BouncyCastle.Security
AddAlgorithm("SERPENT");
AddAlgorithm("SKIPJACK");
AddAlgorithm("TEA");
+ AddAlgorithm("THREEFISH-256");
+ AddAlgorithm("THREEFISH-512");
+ AddAlgorithm("THREEFISH-1024");
+ AddAlgorithm("TNEPRES");
AddAlgorithm("TWOFISH");
AddAlgorithm("VMPC");
AddAlgorithm("VMPC-KSA3");
diff --git a/crypto/src/security/PbeUtilities.cs b/crypto/src/security/PbeUtilities.cs
index 56d68ba0a..33f31e5b4 100644
--- a/crypto/src/security/PbeUtilities.cs
+++ b/crypto/src/security/PbeUtilities.cs
@@ -345,7 +345,7 @@ namespace Org.BouncyCastle.Security
AlgorithmIdentifier algID,
char[] password)
{
- return GenerateCipherParameters(algID.ObjectID.Id, password, false, algID.Parameters);
+ return GenerateCipherParameters(algID.Algorithm.Id, password, false, algID.Parameters);
}
public static ICipherParameters GenerateCipherParameters(
@@ -353,7 +353,7 @@ namespace Org.BouncyCastle.Security
char[] password,
bool wrongPkcs12Zero)
{
- return GenerateCipherParameters(algID.ObjectID.Id, password, wrongPkcs12Zero, algID.Parameters);
+ return GenerateCipherParameters(algID.Algorithm.Id, password, wrongPkcs12Zero, algID.Parameters);
}
public static ICipherParameters GenerateCipherParameters(
@@ -401,10 +401,10 @@ namespace Org.BouncyCastle.Security
{
PbeS2Parameters s2p = PbeS2Parameters.GetInstance(pbeParameters.ToAsn1Object());
AlgorithmIdentifier encScheme = s2p.EncryptionScheme;
- DerObjectIdentifier encOid = encScheme.ObjectID;
+ DerObjectIdentifier encOid = encScheme.Algorithm;
Asn1Object encParams = encScheme.Parameters.ToAsn1Object();
- // TODO What about s2p.KeyDerivationFunc.ObjectID?
+ // TODO What about s2p.KeyDerivationFunc.Algorithm?
Pbkdf2Params pbeParams = Pbkdf2Params.GetInstance(s2p.KeyDerivationFunc.Parameters.ToAsn1Object());
byte[] iv;
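Review bot: The TODO about `s2p.KeyDerivationFunc.Algorithm` is renamed here but still open: the KDF parameters go to `Pbkdf2Params.GetInstance` without any check that the KDF OID is PBKDF2. The `AlgorithmIdentifier` presumably comes from a decoded, possibly untrusted structure, so a different KDF would be parsed as PBKDF2 parameters or fail with an unrelated ASN.1 error. A guard before the parse would resolve the TODO, e.g. `if (!PkcsObjectIdentifiers.IdPbkdf2.Equals(s2p.KeyDerivationFunc.Algorithm)) throw new ArgumentException("Unsupported PBES2 key derivation function");`. The enclosing method starts and ends outside the hunk.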
@@ -444,7 +444,7 @@ namespace Org.BouncyCastle.Security
}
}
}
- else if (mechanism.StartsWith("PBEwithSHA-1"))
+ else if (Platform.StartsWith(mechanism, "PBEwithSHA-1"))
{
PbeParametersGenerator generator = MakePbeGenerator(
(string) algorithmType[mechanism], new Sha1Digest(), keyBytes, salt, iterationCount);
@@ -494,7 +494,7 @@ namespace Org.BouncyCastle.Security
parameters = generator.GenerateDerivedParameters("RC2", 64, 64);
}
}
- else if (mechanism.StartsWith("PBEwithSHA-256"))
+ else if (Platform.StartsWith(mechanism, "PBEwithSHA-256"))
{
PbeParametersGenerator generator = MakePbeGenerator(
(string) algorithmType[mechanism], new Sha256Digest(), keyBytes, salt, iterationCount);
@@ -512,7 +512,7 @@ namespace Org.BouncyCastle.Security
parameters = generator.GenerateDerivedParameters("AES", 256, 128);
}
}
- else if (mechanism.StartsWith("PBEwithMD5"))
+ else if (Platform.StartsWith(mechanism, "PBEwithMD5"))
{
PbeParametersGenerator generator = MakePbeGenerator(
(string)algorithmType[mechanism], new MD5Digest(), keyBytes, salt, iterationCount);
@@ -538,7 +538,7 @@ namespace Org.BouncyCastle.Security
parameters = generator.GenerateDerivedParameters("AES", 256, 128);
}
}
- else if (mechanism.StartsWith("PBEwithMD2"))
+ else if (Platform.StartsWith(mechanism, "PBEwithMD2"))
{
PbeParametersGenerator generator = MakePbeGenerator(
(string)algorithmType[mechanism], new MD2Digest(), keyBytes, salt, iterationCount);
@@ -551,7 +551,7 @@ namespace Org.BouncyCastle.Security
parameters = generator.GenerateDerivedParameters("RC2", 64, 64);
}
}
- else if (mechanism.StartsWith("PBEwithHmac"))
+ else if (Platform.StartsWith(mechanism, "PBEwithHmac"))
{
string digestName = mechanism.Substring("PBEwithHmac".Length);
IDigest digest = DigestUtilities.GetDigest(digestName);
@@ -577,13 +577,13 @@ namespace Org.BouncyCastle.Security
public static object CreateEngine(
AlgorithmIdentifier algID)
{
- string algorithm = algID.ObjectID.Id;
+ string algorithm = algID.Algorithm.Id;
if (IsPkcs5Scheme2(algorithm))
{
PbeS2Parameters s2p = PbeS2Parameters.GetInstance(algID.Parameters.ToAsn1Object());
AlgorithmIdentifier encScheme = s2p.EncryptionScheme;
- return CipherUtilities.GetCipher(encScheme.ObjectID);
+ return CipherUtilities.GetCipher(encScheme.Algorithm);
}
return CreateEngine(algorithm);
@@ -594,39 +594,39 @@ namespace Org.BouncyCastle.Security
{
string mechanism = (string)algorithms[Platform.ToUpperInvariant(algorithm)];
- if (mechanism.StartsWith("PBEwithHmac"))
+ if (Platform.StartsWith(mechanism, "PBEwithHmac"))
{
string digestName = mechanism.Substring("PBEwithHmac".Length);
return MacUtilities.GetMac("HMAC/" + digestName);
}
- if (mechanism.StartsWith("PBEwithMD2")
- || mechanism.StartsWith("PBEwithMD5")
- || mechanism.StartsWith("PBEwithSHA-1")
- || mechanism.StartsWith("PBEwithSHA-256"))
+ if (Platform.StartsWith(mechanism, "PBEwithMD2")
+ || Platform.StartsWith(mechanism, "PBEwithMD5")
+ || Platform.StartsWith(mechanism, "PBEwithSHA-1")
+ || Platform.StartsWith(mechanism, "PBEwithSHA-256"))
{
- if (mechanism.EndsWith("AES-CBC-BC") || mechanism.EndsWith("AES-CBC-OPENSSL"))
+ if (Platform.EndsWith(mechanism, "AES-CBC-BC") || Platform.EndsWith(mechanism, "AES-CBC-OPENSSL"))
{
return CipherUtilities.GetCipher("AES/CBC");
}
- if (mechanism.EndsWith("DES-CBC"))
+ if (Platform.EndsWith(mechanism, "DES-CBC"))
{
return CipherUtilities.GetCipher("DES/CBC");
}
- if (mechanism.EndsWith("DESEDE-CBC"))
+ if (Platform.EndsWith(mechanism, "DESEDE-CBC"))
{
return CipherUtilities.GetCipher("DESEDE/CBC");
}
- if (mechanism.EndsWith("RC2-CBC"))
+ if (Platform.EndsWith(mechanism, "RC2-CBC"))
{
return CipherUtilities.GetCipher("RC2/CBC");
}
- if (mechanism.EndsWith("RC4"))
+ if (Platform.EndsWith(mechanism, "RC4"))
{
return CipherUtilities.GetCipher("RC4");
}
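Review bot: `mechanism` is read from the `algorithms` lookup and passed straight to `Platform.StartsWith` with no null check. If `algorithms` returns null for an unknown key (its type is not visible in the hunk), an unrecognised algorithm name fails inside the string helper instead of with a meaningful error. A guard right after the lookup would make the failure explicit, e.g. `if (mechanism == null) throw new ArgumentException("Unrecognised PBE algorithm: " + algorithm, "algorithm");`, or whatever this method already returns for an unmatched mechanism, since its tail is outside the hunk.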
@@ -643,7 +643,7 @@ namespace Org.BouncyCastle.Security
private static ICipherParameters FixDesParity(string mechanism, ICipherParameters parameters)
{
- if (!mechanism.EndsWith("DES-CBC") & !mechanism.EndsWith("DESEDE-CBC"))
+ if (!Platform.EndsWith(mechanism, "DES-CBC") && !Platform.EndsWith(mechanism, "DESEDE-CBC"))
{
return parameters;
}
diff --git a/crypto/src/security/PrivateKeyFactory.cs b/crypto/src/security/PrivateKeyFactory.cs
index edc5ef85a..8c2ecfdb0 100644
--- a/crypto/src/security/PrivateKeyFactory.cs
+++ b/crypto/src/security/PrivateKeyFactory.cs
@@ -45,7 +45,7 @@ namespace Org.BouncyCastle.Security
PrivateKeyInfo keyInfo)
{
AlgorithmIdentifier algID = keyInfo.PrivateKeyAlgorithm;
- DerObjectIdentifier algOid = algID.ObjectID;
+ DerObjectIdentifier algOid = algID.Algorithm;
// TODO See RSAUtil.isRsaOid in Java build
if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption)
@@ -117,8 +117,7 @@ namespace Org.BouncyCastle.Security
x9 = new X9ECParameters((Asn1Sequence)para.Parameters);
}
- ECPrivateKeyStructure ec = new ECPrivateKeyStructure(
- Asn1Sequence.GetInstance(keyInfo.ParsePrivateKey()));
+ ECPrivateKeyStructure ec = ECPrivateKeyStructure.GetInstance(keyInfo.ParsePrivateKey());
BigInteger d = ec.GetKey();
if (para.IsNamedCurve)
@@ -134,24 +133,24 @@ namespace Org.BouncyCastle.Security
Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
+ ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
+
+ if (ecP == null)
+ throw new ArgumentException("Unrecognized curve OID for GostR3410x2001 private key");
+
Asn1Object privKey = keyInfo.ParsePrivateKey();
ECPrivateKeyStructure ec;
if (privKey is DerInteger)
{
// TODO Do we need to pass any parameters here?
- ec = new ECPrivateKeyStructure(((DerInteger)privKey).Value);
+ ec = new ECPrivateKeyStructure(ecP.N.BitLength, ((DerInteger)privKey).Value);
}
else
{
ec = ECPrivateKeyStructure.GetInstance(privKey);
}
- ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
-
- if (ecP == null)
- throw new ArgumentException("Unrecognized curve OID for GostR3410x2001 private key");
-
return new ECPrivateKeyParameters("ECGOST3410", ec.GetKey(), gostParams.PublicKeyParamSet);
}
else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94))
diff --git a/crypto/src/security/PublicKeyFactory.cs b/crypto/src/security/PublicKeyFactory.cs
index 8c0be4f70..f1b28b774 100644
--- a/crypto/src/security/PublicKeyFactory.cs
+++ b/crypto/src/security/PublicKeyFactory.cs
@@ -44,7 +44,7 @@ namespace Org.BouncyCastle.Security
SubjectPublicKeyInfo keyInfo)
{
AlgorithmIdentifier algID = keyInfo.AlgorithmID;
- DerObjectIdentifier algOid = algID.ObjectID;
+ DerObjectIdentifier algOid = algID.Algorithm;
// TODO See RSAUtil.isRsaOid in Java build
if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption)
diff --git a/crypto/src/security/SecureRandom.cs b/crypto/src/security/SecureRandom.cs
index 5bad57a14..cb831acc2 100644
--- a/crypto/src/security/SecureRandom.cs
+++ b/crypto/src/security/SecureRandom.cs
@@ -68,11 +68,18 @@ namespace Org.BouncyCastle.Security
if (autoSeed)
{
prng.AddSeedMaterial(NextCounterValue());
- prng.AddSeedMaterial(GetSeed(digest.GetDigestSize()));
+ prng.AddSeedMaterial(GetNextBytes(Master, digest.GetDigestSize()));
}
return prng;
}
+ public static byte[] GetNextBytes(SecureRandom secureRandom, int length)
+ {
+ byte[] result = new byte[length];
+ secureRandom.NextBytes(result);
+ return result;
+ }
+
/// <summary>
/// Create and auto-seed an instance based on the given algorithm.
/// </summary>
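Review bot: The new public `GetNextBytes(SecureRandom secureRandom, int length)` has no XML documentation and no argument checks, so a null `secureRandom` surfaces as a NullReferenceException and a negative `length` as an overflow from the array allocation. Suggest `if (secureRandom == null) throw new ArgumentNullException("secureRandom");` and `if (length < 0) throw new ArgumentOutOfRangeException("length");` at the top, plus a `<summary>` stating that it returns `length` bytes drawn from the given instance. The autoSeed branch earlier in this hunk now takes its seed material from `Master`, which deserves a one-line comment there, since the quality of every auto-seeded PRNG then depends on how `Master` itself is seeded.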
@@ -91,7 +98,7 @@ namespace Org.BouncyCastle.Security
public static SecureRandom GetInstance(string algorithm, bool autoSeed)
{
string upper = Platform.ToUpperInvariant(algorithm);
- if (upper.EndsWith("PRNG"))
+ if (Platform.EndsWith(upper, "PRNG"))
{
string digestName = upper.Substring(0, upper.Length - "PRNG".Length);
DigestRandomGenerator prng = CreatePrng(digestName, autoSeed);
@@ -104,12 +111,10 @@ namespace Org.BouncyCastle.Security
throw new ArgumentException("Unrecognised PRNG algorithm: " + algorithm, "algorithm");
}
+ [Obsolete("Call GenerateSeed() on a SecureRandom instance instead")]
public static byte[] GetSeed(int length)
{
-#if NETCF_1_0
- lock (master)
-#endif
- return Master.GenerateSeed(length);
+ return GetNextBytes(Master, length);
}
protected readonly IRandomGenerator generator;
@@ -145,11 +150,7 @@ namespace Org.BouncyCastle.Security
public virtual byte[] GenerateSeed(int length)
{
- SetSeed(DateTime.Now.Ticks);
-
- byte[] rv = new byte[length];
- NextBytes(rv);
- return rv;
+ return GetNextBytes(Master, length);
}
public virtual void SetSeed(byte[] seed)
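Review bot: `GenerateSeed` is a virtual instance method, but its new body draws from the shared `Master` and never touches this instance's generator, which neither the name nor the signature suggests. A caller that built the instance around its own generator (a deterministic one in tests, say) now gets bytes unrelated to it, and nothing visible documents that. Suggest a doc comment such as `/// <summary>Returns seed bytes from the shared master instance; this instance's generator is neither read nor reseeded.</summary>`. The `[Obsolete]` message added to `GetSeed` in the previous hunk sends callers here, so both paths end in the same `Master` read.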
@@ -164,13 +165,7 @@ namespace Org.BouncyCastle.Security
public override int Next()
{
- for (;;)
- {
- int i = NextInt() & int.MaxValue;
-
- if (i != int.MaxValue)
- return i;
- }
+ return NextInt() & int.MaxValue;
}
public override int Next(int maxValue)
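Review bot: `Next()` can now return `int.MaxValue`, which the removed loop explicitly rejected. The method is an `override`, and if the base class is `System.Random`, its `Next()` is documented to return a value strictly less than `int.MaxValue`. Code written against that contract (for example `Next() + 1`) could then overflow in the rare case. Either keep the rejection or document the deviation on the method, e.g. `// NOTE: unlike System.Random.Next(), the result may equal int.MaxValue`.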
@@ -184,11 +179,9 @@ namespace Org.BouncyCastle.Security
}
// Test whether maxValue is a power of 2
- if ((maxValue & -maxValue) == maxValue)
+ if ((maxValue & (maxValue - 1)) == 0)
{
- int val = NextInt() & int.MaxValue;
- long lr = ((long) maxValue * (long) val) >> 31;
- return (int) lr;
+ return NextInt() & (maxValue - 1);
}
int bits, result;
@@ -244,16 +237,17 @@ namespace Org.BouncyCastle.Security
public virtual int NextInt()
{
- byte[] intBytes = new byte[4];
- NextBytes(intBytes);
-
- int result = 0;
- for (int i = 0; i < 4; i++)
- {
- result = (result << 8) + (intBytes[i] & 0xff);
- }
-
- return result;
+ byte[] bytes = new byte[4];
+ NextBytes(bytes);
+
+ uint result = bytes[0];
+ result <<= 8;
+ result |= bytes[1];
+ result <<= 8;
+ result |= bytes[2];
+ result <<= 8;
+ result |= bytes[3];
+ return (int)result;
}
public virtual long NextLong()
diff --git a/crypto/src/security/SignerUtilities.cs b/crypto/src/security/SignerUtilities.cs
index bd1515147..9a4915b46 100644
--- a/crypto/src/security/SignerUtilities.cs
+++ b/crypto/src/security/SignerUtilities.cs
@@ -312,7 +312,7 @@ namespace Org.BouncyCastle.Security
return GetPssX509Parameters("SHA-1");
}
- if (mechanism.EndsWith("withRSAandMGF1"))
+ if (Platform.EndsWith(mechanism, "withRSAandMGF1"))
{
string digestName = mechanism.Substring(0, mechanism.Length - "withRSAandMGF1".Length);
return GetPssX509Parameters(digestName);
@@ -534,10 +534,10 @@ namespace Org.BouncyCastle.Security
return new Iso9796d2Signer(new RsaBlindedEngine(), new RipeMD160Digest(), true);
}
- if (mechanism.EndsWith("/X9.31"))
+ if (Platform.EndsWith(mechanism, "/X9.31"))
{
string x931 = mechanism.Substring(0, mechanism.Length - "/X9.31".Length);
- int withPos = x931.IndexOf("WITH");
+ int withPos = Platform.IndexOf(x931, "WITH");
if (withPos > 0)
{
int endPos = withPos + "WITH".Length;