Diffstat (limited to 'crypto/src')
-rw-r--r-- | crypto/src/crmf/PKMacBuilder.cs | 5 | ||||
-rw-r--r-- | crypto/src/math/BigInteger.cs | 8 | ||||
-rw-r--r-- | crypto/src/math/ec/ECCurve.cs | 4 | ||||
-rw-r--r-- | crypto/src/math/ec/ECPoint.cs | 7 | ||||
-rw-r--r-- | crypto/src/math/ec/custom/sec/SecP224R1FieldElement.cs | 3 | ||||
-rw-r--r-- | crypto/src/math/raw/Mod.cs | 12 | ||||
-rw-r--r-- | crypto/src/openpgp/PgpEncryptedDataGenerator.cs | 41 | ||||
-rw-r--r-- | crypto/src/openssl/Pkcs8Generator.cs | 5 | ||||
-rw-r--r-- | crypto/src/pqc/crypto/falcon/FalconSigner.cs | 21 | ||||
-rw-r--r-- | crypto/src/security/JksStore.cs | 2 | ||||
-rw-r--r-- | crypto/src/security/SecureRandom.cs | 9 | ||||
-rw-r--r-- | crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs | 5 |
12 files changed, 57 insertions, 65 deletions
diff --git a/crypto/src/crmf/PKMacBuilder.cs b/crypto/src/crmf/PKMacBuilder.cs
index bce26b825..ae9baa3d0 100644
--- a/crypto/src/crmf/PKMacBuilder.cs
+++ b/crypto/src/crmf/PKMacBuilder.cs
@@ -224,10 +224,7 @@ namespace Org.BouncyCastle.Crmf
 byte[] salt = new byte[saltLength];
- if (random == null)
- {
- this.random = new SecureRandom();
- }
+ this.random = CryptoServicesRegistrar.GetSecureRandom(random);
 random.NextBytes(salt);
diff --git a/crypto/src/math/BigInteger.cs b/crypto/src/math/BigInteger.cs
index 5986f9fd8..caf78843e 100644
--- a/crypto/src/math/BigInteger.cs
+++ b/crypto/src/math/BigInteger.cs
@@ -163,8 +163,6 @@ namespace Org.BouncyCastle.Math
 private const int chunk2 = 1, chunk8 = 1, chunk10 = 19, chunk16 = 16;
 private static readonly BigInteger radix2, radix2E, radix8, radix8E, radix10, radix10E, radix16, radix16E;
- private static readonly SecureRandom RandomSource = new SecureRandom(new VmpcRandomGenerator(), 16);
-
 /*
 * These are the threshold bit-lengths (of an exponent) where we increase the window size.
 * They are calculated according to the expected savings in multiplications.
@@ -244,7 +242,7 @@ namespace Org.BouncyCastle.Math
 public static BigInteger Arbitrary(int sizeInBits)
 {
- return new BigInteger(sizeInBits, RandomSource);
+ return new BigInteger(sizeInBits, SecureRandom.ArbitraryRandom);
 }
 private BigInteger(
@@ -1460,7 +1458,7 @@ namespace Org.BouncyCastle.Math
 if (n.Equals(One))
 return false;
- return n.CheckProbablePrime(certainty, RandomSource, randomlySelected);
+ return n.CheckProbablePrime(certainty, SecureRandom.ArbitraryRandom, randomlySelected);
 }
 private bool CheckProbablePrime(int certainty, Random random, bool randomlySelected)
@@ -2633,7 +2631,7 @@ namespace Org.BouncyCastle.Math
 BigInteger n = Inc().SetBit(0);
- while (!n.CheckProbablePrime(100, RandomSource, false))
+ while (!n.CheckProbablePrime(100, SecureRandom.ArbitraryRandom, false))
 {
 n = n.Add(Two);
 }
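Review bot: The line `this.random = CryptoServicesRegistrar.GetSecureRandom(random);` now executes on every call and stores whatever the registrar returns back into the field, where the old code only touched the field when it was null; whether `GetSecureRandom(random)` hands back the caller's own instance when it is non-null is not visible in this diff, so presumably that is the contract. Make it explicit next to the assignment: `// Keep the caller-supplied SecureRandom when set; otherwise adopt (and store) the registrar default`. The enclosing method starts before and ends after this hunk.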
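Review bot: `Arbitrary(int sizeInBits)` is public and now draws from the shared `SecureRandom.ArbitraryRandom`, a VMPC-based generator with a 16-byte seed; the removed private `RandomSource` was built identically, so this is not a regression, but nothing on the method tells callers it is not a key-grade source. Add `/// <summary>Returns a BigInteger of up to sizeInBits bits from a fast process-wide generator; not intended for secret values such as keys or nonces.</summary>` above `Arbitrary`. The remaining BigInteger hunks only swap the same generator into Miller-Rabin witness selection, which is an appropriate use.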
diff --git a/crypto/src/math/ec/ECCurve.cs b/crypto/src/math/ec/ECCurve.cs
index d17c6b1c1..b37d62721 100644
--- a/crypto/src/math/ec/ECCurve.cs
+++ b/crypto/src/math/ec/ECCurve.cs
@@ -737,7 +737,6 @@ namespace Org.BouncyCastle.Math.EC
 private const int FP_DEFAULT_COORDS = COORD_JACOBIAN_MODIFIED;
 private static readonly HashSet<BigInteger> KnownQs = new HashSet<BigInteger>();
- private static readonly SecureRandom random = new SecureRandom();
 protected readonly BigInteger m_q, m_r;
 protected readonly FpPoint m_infinity;
@@ -771,7 +770,8 @@ namespace Org.BouncyCastle.Math.EC
 throw new ArgumentException("Fp q value out of range");
 if (Primes.HasAnySmallFactors(q) ||
- !Primes.IsMRProbablePrime(q, random, GetNumberOfIterations(qBitLength, certainty)))
+ !Primes.IsMRProbablePrime(q, SecureRandom.ArbitraryRandom,
+ GetNumberOfIterations(qBitLength, certainty)))
 {
 throw new ArgumentException("Fp q value not prime");
 }
diff --git a/crypto/src/math/ec/ECPoint.cs b/crypto/src/math/ec/ECPoint.cs
index fc0ddf035..ee7cf9a92 100644
--- a/crypto/src/math/ec/ECPoint.cs
+++ b/crypto/src/math/ec/ECPoint.cs
@@ -12,8 +12,6 @@ namespace Org.BouncyCastle.Math.EC
 */
 public abstract class ECPoint
 {
- private static readonly SecureRandom Random = new SecureRandom();
-
 protected static ECFieldElement[] EMPTY_ZS = new ECFieldElement[0];
 protected static ECFieldElement[] GetInitialZCoords(ECCurve curve)
@@ -246,10 +244,7 @@ namespace Org.BouncyCastle.Math.EC
 * Any side-channel in the implementation of 'inverse' now only leaks information about
 * the value (z * b), and no longer reveals information about 'z' itself.
 */
- // TODO Add CryptoServicesRegistrar class and use here
- //SecureRandom r = CryptoServicesRegistrar.GetSecureRandom();
- SecureRandom r = Random;
- ECFieldElement b = m_curve.RandomFieldElementMult(r);
+ ECFieldElement b = m_curve.RandomFieldElementMult(SecureRandom.ArbitraryRandom);
 ECFieldElement zInv = z.Multiply(b).Invert().Multiply(b);
 return Normalize(zInv);
 }
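Review bot: The Miller-Rabin test on the caller-supplied `q` now takes its witness bases from `SecureRandom.ArbitraryRandom`, and that is a security-relevant choice rather than a plumbing detail: a composite `q` chosen by an adversary passes MR against any base set the adversary can predict. It holds only while that generator stays unpredictable to callers (the SecureRandom.cs hunk in this commit seeds it from the CryptoApi-backed master random, which looks adequate), so record the assumption at the call: `// Witness bases must be unpredictable to the caller: a crafted composite q passes MR against known bases.` The constructor this check sits in starts before the hunk.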
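Review bot: The removed TODO asked for the registrar's SecureRandom here, yet the new line feeds `RandomFieldElementMult` from the shared `SecureRandom.ArbitraryRandom`; since `b` is what stops a non-constant-time `Invert` from leaking `z` (per the surviving comment block), the reason for that choice should be written down so nobody "fixes" it back. If the intent is that the blinding factor only needs to be unpredictable to an observer rather than DRBG-grade (plausible, but not stated in the diff), extend the comment block with `* The blinding value b is drawn from ArbitraryRandom: it must be unpredictable, but need not come from the registrar DRBG, which would be drained on every inversion.` The enclosing method starts above the hunk.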
diff --git a/crypto/src/math/ec/custom/sec/SecP224R1FieldElement.cs b/crypto/src/math/ec/custom/sec/SecP224R1FieldElement.cs
index bb60edaf6..013100dc3 100644
--- a/crypto/src/math/ec/custom/sec/SecP224R1FieldElement.cs
+++ b/crypto/src/math/ec/custom/sec/SecP224R1FieldElement.cs
@@ -1,6 +1,7 @@
 using System;
 using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Security;
 using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.Utilities.Encoders;
@@ -134,7 +135,7 @@ namespace Org.BouncyCastle.Math.EC.Custom.Sec
 uint[] nc = Nat224.Create();
 SecP224R1Field.Negate(c, nc);
- uint[] r = Mod.Random(SecP224R1Field.P);
+ uint[] r = Mod.Random(SecureRandom.ArbitraryRandom, SecP224R1Field.P);
 uint[] t = Nat224.Create();
 if (!IsSquare(c))
diff --git a/crypto/src/math/raw/Mod.cs b/crypto/src/math/raw/Mod.cs
index acbb1d91f..721134b0c 100644
--- a/crypto/src/math/raw/Mod.cs
+++ b/crypto/src/math/raw/Mod.cs
@@ -12,10 +12,8 @@ namespace Org.BouncyCastle.Math.Raw
 * computation and modular inversion" by Daniel J. Bernstein and Bo-Yin Yang.
 */
- internal abstract class Mod
+ internal static class Mod
 {
- private static readonly SecureRandom RandomSource = new SecureRandom();
-
 private const int M30 = 0x3FFFFFFF;
 private const ulong M32UL = 0xFFFFFFFFUL;
@@ -364,7 +362,7 @@ namespace Org.BouncyCastle.Math.Raw
 }
 #endif
- public static uint[] Random(uint[] p)
+ public static uint[] Random(SecureRandom random, uint[] p)
 {
 int len = p.Length;
 uint[] s = Nat.Create(len);
@@ -379,7 +377,7 @@ namespace Org.BouncyCastle.Math.Raw
 byte[] bytes = new byte[len << 2];
 do
 {
- RandomSource.NextBytes(bytes);
+ random.NextBytes(bytes);
 Pack.BE_To_UInt32(bytes, 0, s);
 s[len - 1] &= m;
 }
@@ -389,7 +387,7 @@ namespace Org.BouncyCastle.Math.Raw
 }
 #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
- public static void Random(ReadOnlySpan<uint> p, Span<uint> z)
+ public static void Random(SecureRandom random, ReadOnlySpan<uint> p, Span<uint> z)
 {
 int len = p.Length;
 if (z.Length < len)
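Review bot: The new `random` parameter on `public static uint[] Random(SecureRandom random, uint[] p)` (and the Span overload) carries no doc comment and no null guard, and `Mod` is now `static` so every caller must supply one; a null would only surface as a NullReferenceException inside the do/while, which is a poor signal for an internal contract. A short XML summary fixes the first half: `/// <summary>Fills a value below p from the supplied random; random must be non-null.</summary>` The masking `s[len - 1] &= m` followed by the loop reads like rejection sampling, but the `while` condition is outside the hunk, so confirm before describing it as uniform. Both methods continue past the hunk.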
@@ -410,7 +408,7 @@ namespace Org.BouncyCastle.Math.Raw
 do
 {
- RandomSource.NextBytes(bytes);
+ random.NextBytes(bytes);
 Pack.BE_To_UInt32(bytes, s);
 s[len - 1] &= m;
 }
diff --git a/crypto/src/openpgp/PgpEncryptedDataGenerator.cs b/crypto/src/openpgp/PgpEncryptedDataGenerator.cs
index a86dce42d..589895522 100644
--- a/crypto/src/openpgp/PgpEncryptedDataGenerator.cs
+++ b/crypto/src/openpgp/PgpEncryptedDataGenerator.cs
@@ -219,7 +219,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp
 SymmetricKeyAlgorithmTag encAlgorithm)
 {
 this.defAlgorithm = encAlgorithm;
- this.rand = new SecureRandom();
+ this.rand = CryptoServicesRegistrar.GetSecureRandom();
 }
 public PgpEncryptedDataGenerator(
@@ -228,42 +228,51 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp
 {
 this.defAlgorithm = encAlgorithm;
 this.withIntegrityPacket = withIntegrityPacket;
- this.rand = new SecureRandom();
- }
+ this.rand = CryptoServicesRegistrar.GetSecureRandom();
+ }
- /// <summary>Existing SecureRandom constructor.</summary>
- /// <param name="encAlgorithm">The symmetric algorithm to use.</param>
- /// <param name="rand">Source of randomness.</param>
+ /// <summary>Existing SecureRandom constructor.</summary>
+ /// <param name="encAlgorithm">The symmetric algorithm to use.</param>
+ /// <param name="random">Source of randomness.</param>
 public PgpEncryptedDataGenerator(
 SymmetricKeyAlgorithmTag encAlgorithm,
- SecureRandom rand)
+ SecureRandom random)
 {
+ if (random == null)
+ throw new ArgumentNullException(nameof(random));
+
 this.defAlgorithm = encAlgorithm;
- this.rand = rand;
+ this.rand = random;
 }
 /// <summary>Creates a cipher stream which will have an integrity packet associated with it.</summary>
 public PgpEncryptedDataGenerator(
 SymmetricKeyAlgorithmTag encAlgorithm,
 bool withIntegrityPacket,
- SecureRandom rand)
+ SecureRandom random)
 {
+ if (random == null)
+ throw new ArgumentNullException(nameof(random));
+
 this.defAlgorithm = encAlgorithm;
- this.rand = rand;
+ this.rand = random;
 this.withIntegrityPacket = withIntegrityPacket;
 }
- /// <summary>Base constructor.</summary>
- /// <param name="encAlgorithm">The symmetric algorithm to use.</param>
- /// <param name="rand">Source of randomness.</param>
- /// <param name="oldFormat">PGP 2.6.x compatibility required.</param>
+ /// <summary>Base constructor.</summary>
+ /// <param name="encAlgorithm">The symmetric algorithm to use.</param>
+ /// <param name="random">Source of randomness.</param>
+ /// <param name="oldFormat">PGP 2.6.x compatibility required.</param>
 public PgpEncryptedDataGenerator(
 SymmetricKeyAlgorithmTag encAlgorithm,
- SecureRandom rand,
+ SecureRandom random,
 bool oldFormat)
 {
+ if (random == null)
+ throw new ArgumentNullException(nameof(random));
+
 this.defAlgorithm = encAlgorithm;
- this.rand = rand;
+ this.rand = random;
 this.oldFormat = oldFormat;
 }
diff --git a/crypto/src/openssl/Pkcs8Generator.cs b/crypto/src/openssl/Pkcs8Generator.cs
index 0674cce15..242c966d0 100644
--- a/crypto/src/openssl/Pkcs8Generator.cs
+++ b/crypto/src/openssl/Pkcs8Generator.cs
@@ -83,10 +83,7 @@ namespace Org.BouncyCastle.OpenSsl
 // TODO Theoretically, the amount of salt needed depends on the algorithm
 byte[] salt = new byte[20];
- if (random == null)
- {
- random = new SecureRandom();
- }
+ random = CryptoServicesRegistrar.GetSecureRandom(random);
 random.NextBytes(salt);
 try
diff --git a/crypto/src/pqc/crypto/falcon/FalconSigner.cs b/crypto/src/pqc/crypto/falcon/FalconSigner.cs
index 4c2362503..f581386ee 100644
--- a/crypto/src/pqc/crypto/falcon/FalconSigner.cs
+++ b/crypto/src/pqc/crypto/falcon/FalconSigner.cs
@@ -1,9 +1,7 @@
 using System;
+
 using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Pqc.Crypto;
-using Org.BouncyCastle.Security;
 using Org.BouncyCastle.Crypto.Parameters;
-using Org.BouncyCastle.Utilities;
 namespace Org.BouncyCastle.Pqc.Crypto.Falcon
 {
@@ -17,12 +15,12 @@ namespace Org.BouncyCastle.Pqc.Crypto.Falcon
 {
 if (forSigning)
 {
- if (param is ParametersWithRandom)
+ if (param is ParametersWithRandom withRandom)
 {
- FalconPrivateKeyParameters skparam = ((FalconPrivateKeyParameters)((ParametersWithRandom)param).Parameters);
+ FalconPrivateKeyParameters skparam = (FalconPrivateKeyParameters)withRandom.Parameters;
 encodedkey = skparam.GetEncoded();
 nist = new FalconNIST(
- ((ParametersWithRandom)param).Random,
+ withRandom.Random,
 skparam.Parameters.LogN,
 skparam.Parameters.NonceLength);
 }
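Review bot: The three constructors now throw `ArgumentNullException` for a null `random`, but the XML docs that this same hunk rewrites do not mention it; add `/// <exception cref="ArgumentNullException">If <paramref name="random"/> is null.</exception>` to each of them. The `Creates a cipher stream…` summary on the `withIntegrityPacket` overload also has no `<param>` entries while its two siblings do, and "Existing SecureRandom constructor" does not say what it means — "Constructor taking a caller-supplied SecureRandom" would. The class continues on both sides of the hunk.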
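Review bot: `random = CryptoServicesRegistrar.GetSecureRandom(random);` is the same fallback idiom PKMacBuilder gets in this commit, but there it is spelled `this.random = …`; if `random` is a field here too (its declaration is outside the hunk), use the same `this.random` spelling so a reader can tell the assignment persists beyond this call. The fixed 20-byte salt flagged by the surviving TODO comment is untouched by this change. The method body continues past `try`.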
@@ -31,13 +29,9 @@ namespace Org.BouncyCastle.Pqc.Crypto.Falcon
 FalconPrivateKeyParameters skparam = (FalconPrivateKeyParameters)param;
 encodedkey = ((FalconPrivateKeyParameters)param).GetEncoded();
 nist = new FalconNIST(
- new SecureRandom(),
- // CryptoServicesRegistrar.GetSecureRandom(),
+ CryptoServicesRegistrar.GetSecureRandom(),
 skparam.Parameters.LogN,
- skparam.Parameters.NonceLength
- );
- // TODO when CryptoServicesRegistrar has been implemented, use that instead
-
+ skparam.Parameters.NonceLength);
 }
 }
 else
@@ -45,8 +39,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Falcon
 FalconPublicKeyParameters pkparam = (FalconPublicKeyParameters)param;
 encodedkey = pkparam.GetEncoded();
 nist = new FalconNIST(
- new SecureRandom(),
- // CryptoServicesRegistrar.GetSecureRandom()
+ CryptoServicesRegistrar.GetSecureRandom(),
 pkparam.Parameters.LogN,
 pkparam.Parameters.NonceLength);
 }
diff --git a/crypto/src/security/JksStore.cs b/crypto/src/security/JksStore.cs
index c679270a3..69ade11af 100644
--- a/crypto/src/security/JksStore.cs
+++ b/crypto/src/security/JksStore.cs
@@ -154,7 +154,7 @@ namespace Org.BouncyCastle.Security
 byte[] pkcs8Key = PrivateKeyInfoFactory.CreatePrivateKeyInfo(key).GetEncoded();
 byte[] protectedKey = new byte[pkcs8Key.Length + 40];
- SecureRandom rnd = new SecureRandom();
+ SecureRandom rnd = CryptoServicesRegistrar.GetSecureRandom();
 rnd.NextBytes(protectedKey, 0, 20);
 IDigest digest = DigestUtilities.GetDigest("SHA-1");
diff --git a/crypto/src/security/SecureRandom.cs b/crypto/src/security/SecureRandom.cs
index 53e5be069..521e7db0e 100644
--- a/crypto/src/security/SecureRandom.cs
+++ b/crypto/src/security/SecureRandom.cs
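Review bot: In the `else` (public-key) branch the new `CryptoServicesRegistrar.GetSecureRandom()` hands a DRBG to `FalconNIST` for verification, which should need no randomness; if `FalconNIST` tolerates a null random in that mode (its constructor is not in the diff, so confirm), pass `null` and avoid touching the registrar on every verifier init, and if it does not, say so with `// FalconNIST requires a random even for verification` so the next reader does not remove it. Separately, the unchanged line `encodedkey = ((FalconPrivateKeyParameters)param).GetEncoded();` repeats a cast already done into `skparam` one line up; `encodedkey = skparam.GetEncoded();` matches what the pattern-matched branch in the previous hunk does. The method these branches belong to starts above the hunk.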
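Review bot: `rnd.NextBytes(protectedKey, 0, 20)` writes a 20-byte random prefix into the protected-key buffer and the very next line fetches SHA-1, but nothing names what the prefix is; presumably it is the salt for the SHA-1 based key protection, which the rest of the method (outside the hunk) would confirm. A comment such as `// 20-byte random salt at the front of the protected key (presumably feeds the SHA-1 keystream below — confirm)` keeps the intent visible. Note that moving the salt source to the registrar does not change the strength of this SHA-1 based scheme; the change only improves where the salt comes from.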
@@ -17,7 +17,8 @@ namespace Org.BouncyCastle.Security
 return Interlocked.Increment(ref counter);
 }
- private static readonly SecureRandom Master = new SecureRandom(new CryptoApiRandomGenerator());
+ private static readonly SecureRandom MasterRandom = new SecureRandom(new CryptoApiRandomGenerator());
+ internal static readonly SecureRandom ArbitraryRandom = new SecureRandom(new VmpcRandomGenerator(), 16);
 private static DigestRandomGenerator CreatePrng(string digestName, bool autoSeed)
 {
@@ -102,13 +103,13 @@ namespace Org.BouncyCastle.Security
 public virtual byte[] GenerateSeed(int length)
 {
- return GetNextBytes(Master, length);
+ return GetNextBytes(MasterRandom, length);
 }
 #if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
 public virtual void GenerateSeed(Span<byte> seed)
 {
- Master.NextBytes(seed);
+ MasterRandom.NextBytes(seed);
 }
 #endif
@@ -255,7 +256,7 @@ namespace Org.BouncyCastle.Security
 #else
 byte[] seed = new byte[seedLength];
 #endif
- Master.NextBytes(seed);
+ MasterRandom.NextBytes(seed);
 generator.AddSeedMaterial(seed);
 }
 }
diff --git a/crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs b/crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs
index 66f47c091..8e193f187 100644
--- a/crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs
+++ b/crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs
@@ -28,12 +28,15 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
 private readonly SecureRandom m_entropySource;
 public BcTlsCrypto()
- : this(new SecureRandom())
+ : this(CryptoServicesRegistrar.GetSecureRandom())
 {
 }
 public BcTlsCrypto(SecureRandom entropySource)
 {
+ if (entropySource == null)
+ throw new ArgumentNullException(nameof(entropySource));
+
 this.m_entropySource = entropySource;
 }
|
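Review bot: The new `internal static readonly SecureRandom ArbitraryRandom = new SecureRandom(new VmpcRandomGenerator(), 16);` has no comment on what it is for or why a VMPC generator with a 16-byte seed is acceptable, and it has an ordering dependency: the third hunk shows the seed-length path doing `MasterRandom.NextBytes(seed); generator.AddSeedMaterial(seed);` (that method starts outside the hunk, so confirm it is the constructor being invoked here), and C# runs static field initializers in textual order, so `ArbitraryRandom` must stay declared after `MasterRandom`. Put both facts on the declaration: `// Seeded with 16 bytes from MasterRandom — keep declared after it (static initializers run in order). Shared fast source for non-secret values (MR witnesses, blinding factors); not for keys.` The `Master` -> `MasterRandom` rename is otherwise mechanical.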