Diffstat (limited to 'crypto/src')
-rw-r--r--crypto/src/asn1/DerObjectIdentifier.cs9
-rw-r--r--crypto/src/asn1/cryptopro/GOST3410PublicKeyAlgParameters.cs11
-rw-r--r--crypto/src/bcpg/ArmoredOutputStream.cs6
-rw-r--r--crypto/src/cms/CMSSignedGenerator.cs2
-rw-r--r--crypto/src/crypto/digests/SM3Digest.cs28
-rw-r--r--crypto/src/crypto/parameters/KeyParameter.cs2
-rw-r--r--crypto/src/crypto/tls/AbstractTlsClient.cs10
-rw-r--r--crypto/src/ocsp/OCSPUtil.cs130
-rw-r--r--crypto/src/pkcs/Pkcs10CertificationRequest.cs61
-rw-r--r--crypto/src/security/PrivateKeyFactory.cs23
-rw-r--r--crypto/src/security/SignerUtilities.cs10
-rw-r--r--crypto/src/tsp/TSPUtil.cs54
12 files changed, 186 insertions, 160 deletions
diff --git a/crypto/src/asn1/DerObjectIdentifier.cs b/crypto/src/asn1/DerObjectIdentifier.cs

index 6ac2b7e9e..495260a68 100644
--- a/crypto/src/asn1/DerObjectIdentifier.cs
+++ b/crypto/src/asn1/DerObjectIdentifier.cs
@@ -42,7 +42,14 @@ namespace Org.BouncyCastle.Asn1 Asn1TaggedObject obj, bool explicitly) { - return GetInstance(obj.GetObject()); + Asn1Object o = obj.GetObject(); + + if (explicitly || o is DerObjectIdentifier) + { + return GetInstance(o); + } + + return FromOctetString(Asn1OctetString.GetInstance(o).GetOctets()); } public DerObjectIdentifier( diff --git a/crypto/src/asn1/cryptopro/GOST3410PublicKeyAlgParameters.cs b/crypto/src/asn1/cryptopro/GOST3410PublicKeyAlgParameters.cs
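Review bot: The new implicit-tagging branch at the end of `GetInstance(Asn1TaggedObject, bool)` has no comment explaining why the inner object is reinterpreted as an octet string. Something like `// implicitly tagged: the parser hands back the raw content octets, so rebuild the OID from them` would make the intent clear. Those octets come directly from the encoded input, so it is worth confirming that `FromOctetString` rejects empty or malformed contents; that method is not visible in this hunk. A non-octet-string object on this path presumably surfaces as whatever `Asn1OctetString.GetInstance` throws. The method signature starts outside the hunk.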
index 10c45ba4d..ea42a1ec4 100644
--- a/crypto/src/asn1/cryptopro/GOST3410PublicKeyAlgParameters.cs
+++ b/crypto/src/asn1/cryptopro/GOST3410PublicKeyAlgParameters.cs
@@ -22,16 +22,9 @@ namespace Org.BouncyCastle.Asn1.CryptoPro object obj) { if (obj == null || obj is Gost3410PublicKeyAlgParameters) - { - return (Gost3410PublicKeyAlgParameters) obj; - } - - if (obj is Asn1Sequence) - { - return new Gost3410PublicKeyAlgParameters((Asn1Sequence) obj); - } + return (Gost3410PublicKeyAlgParameters)obj; - throw new ArgumentException("Invalid GOST3410Parameter: " + Platform.GetTypeName(obj)); + return new Gost3410PublicKeyAlgParameters(Asn1Sequence.GetInstance((obj))); } public Gost3410PublicKeyAlgParameters( diff --git a/crypto/src/bcpg/ArmoredOutputStream.cs b/crypto/src/bcpg/ArmoredOutputStream.cs
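Review bot: The new return statement has a doubled pair of parentheses, `Asn1Sequence.GetInstance((obj))`; it should read `return new Gost3410PublicKeyAlgParameters(Asn1Sequence.GetInstance(obj));`. The rewrite also drops the `"Invalid GOST3410Parameter: ..."` message, so a wrong-typed argument now reports whatever `Asn1Sequence.GetInstance` raises, presumably without naming this type. That is acceptable if intended, but it makes a parse failure on untrusted key parameters harder to attribute in logs.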
index 7a5066ec3..82e7cc1f0 100644
--- a/crypto/src/bcpg/ArmoredOutputStream.cs
+++ b/crypto/src/bcpg/ArmoredOutputStream.cs
@@ -147,13 +147,13 @@ namespace Org.BouncyCastle.Bcpg */ public void ResetHeaders() { - string version = (string)headers[HeaderVersion]; + string existingVersion = (string)headers[HeaderVersion]; headers.Clear(); - if (version != null) + if (existingVersion != null) { - headers[HeaderVersion] = Version; + headers.Add(HeaderVersion, existingVersion); } } diff --git a/crypto/src/cms/CMSSignedGenerator.cs b/crypto/src/cms/CMSSignedGenerator.cs
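Review bot: `ResetHeaders()` now behaves differently and the doc comment should say so; only the closing `*/` of that comment is inside the hunk. After this change a caller-supplied Version header survives the reset, and an absent one stays absent, where before the library default `Version` was put back. Suggested wording for the comment: `Clears all headers except Version, whose current value (if any) is kept.` Callers who strip the Version header so the armor does not advertise the library build depend on the "stays absent" part, so it is worth a regression test.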
index 0fb1f314d..eec2e875b 100644
--- a/crypto/src/cms/CMSSignedGenerator.cs
+++ b/crypto/src/cms/CMSSignedGenerator.cs
@@ -33,7 +33,9 @@ namespace Org.BouncyCastle.Cms // digestOids.Add(OiwObjectIdentifiers.MD4WithRsaEncryption, PkcsObjectIdentifiers.MD4); digestOids.Add(OiwObjectIdentifiers.MD4WithRsa, PkcsObjectIdentifiers.MD4); + digestOids.Add(OiwObjectIdentifiers.MD5WithRsa, PkcsObjectIdentifiers.MD5); digestOids.Add(OiwObjectIdentifiers.Sha1WithRsa, OiwObjectIdentifiers.IdSha1); + digestOids.Add(OiwObjectIdentifiers.DsaWithSha1, OiwObjectIdentifiers.IdSha1); digestOids.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption, NistObjectIdentifiers.IdSha224); digestOids.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption, NistObjectIdentifiers.IdSha256); diff --git a/crypto/src/crypto/digests/SM3Digest.cs b/crypto/src/crypto/digests/SM3Digest.cs
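Review bot: The two added `digestOids` entries make the legacy OIW identifiers for MD5-with-RSA and DSA-with-SHA1 resolvable, and nothing in the code marks them as interoperability-only. The same kind of addition appears in the `oids` tables of OCSPUtil.cs and Pkcs10CertificationRequest.cs, in the `algorithms` table of SignerUtilities.cs (which also gains the OIW MD4 identifiers), and in `digestNames` in TSPUtil.cs. MD4, MD5 and SHA-1 are not collision resistant, so being able to resolve these OIDs should not be read as the algorithm being acceptable. I would add a comment above each group, e.g. `// Legacy OIW identifiers: recognised for interoperability only; callers must apply their own algorithm policy`. None of these tables is seen to enforce such a policy in the visible hunks.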
index d81b2ddbf..449d7c161 100644
--- a/crypto/src/crypto/digests/SM3Digest.cs
+++ b/crypto/src/crypto/digests/SM3Digest.cs
@@ -31,9 +31,8 @@ namespace Org.BouncyCastle.Crypto.Digests // Work-bufs used within processBlock() private uint[] W = new uint[68]; - private uint[] W1 = new uint[64]; - // Round constant T for processBlock() which is 32 bit integer rolled left up to (63 MOD 32) bit positions. + // Round constant T for processBlock() which is 32 bit integer rolled left up to (63 MOD 32) bit positions. private static readonly uint[] T = new uint[64]; static SM3Digest() @@ -124,14 +123,7 @@ namespace Org.BouncyCastle.Crypto.Digests { Finish(); - Pack.UInt32_To_BE(this.V[0], output, outOff + 0); - Pack.UInt32_To_BE(this.V[1], output, outOff + 4); - Pack.UInt32_To_BE(this.V[2], output, outOff + 8); - Pack.UInt32_To_BE(this.V[3], output, outOff + 12); - Pack.UInt32_To_BE(this.V[4], output, outOff + 16); - Pack.UInt32_To_BE(this.V[5], output, outOff + 20); - Pack.UInt32_To_BE(this.V[6], output, outOff + 24); - Pack.UInt32_To_BE(this.V[7], output, outOff + 28); + Pack.UInt32_To_BE(V, output, outOff); Reset(); @@ -261,10 +253,6 @@ namespace Org.BouncyCastle.Crypto.Digests uint r7 = ((wj13 << 7) | (wj13 >> (32 - 7))); this.W[j] = P1(this.W[j - 16] ^ this.W[j - 9] ^ r15) ^ r7 ^ this.W[j - 6]; } - for (int j = 0; j < 64; ++j) - { - this.W1[j] = this.W[j] ^ this.W[j + 4]; - } uint A = this.V[0]; uint B = this.V[1]; @@ -282,8 +270,10 @@ namespace Org.BouncyCastle.Crypto.Digests uint s1_ = a12 + E + T[j]; uint SS1 = ((s1_ << 7) | (s1_ >> (32 - 7))); uint SS2 = SS1 ^ a12; - uint TT1 = FF0(A, B, C) + D + SS2 + this.W1[j]; - uint TT2 = GG0(E, F, G) + H + SS1 + this.W[j]; + uint Wj = W[j]; + uint W1j = Wj ^ W[j + 4]; + uint TT1 = FF0(A, B, C) + D + SS2 + W1j; + uint TT2 = GG0(E, F, G) + H + SS1 + Wj; D = C; C = ((B << 9) | (B >> (32 - 9))); B = A; 
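Review bot: With the `W1` array removed, nothing in the two round loops says that `W1j` is the expanded word W'[j] of the SM3 message schedule; this applies to the hunk at old line 282 and again to the one at old line 301. A one-line comment above `uint W1j = Wj ^ W[j + 4];`, such as `// W'[j] = W[j] ^ W[j+4], computed on the fly instead of a second work buffer`, would keep that link. It would also record why `W` must stay 68 words long while `j` only runs to 63. Separately, the block-copy `Pack.UInt32_To_BE(V, output, outOff)` is only equivalent to the eight removed calls if `V` holds exactly eight words; its declaration is outside the hunk, so please confirm.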
@@ -301,8 +291,10 @@ namespace Org.BouncyCastle.Crypto.Digests uint s1_ = a12 + E + T[j]; uint SS1 = ((s1_ << 7) | (s1_ >> (32 - 7))); uint SS2 = SS1 ^ a12; - uint TT1 = FF1(A, B, C) + D + SS2 + this.W1[j]; - uint TT2 = GG1(E, F, G) + H + SS1 + this.W[j]; + uint Wj = W[j]; + uint W1j = Wj ^ W[j + 4]; + uint TT1 = FF1(A, B, C) + D + SS2 + W1j; + uint TT2 = GG1(E, F, G) + H + SS1 + Wj; D = C; C = ((B << 9) | (B >> (32 - 9))); B = A; diff --git a/crypto/src/crypto/parameters/KeyParameter.cs b/crypto/src/crypto/parameters/KeyParameter.cs
index 33dff96d7..043adf276 100644
--- a/crypto/src/crypto/parameters/KeyParameter.cs
+++ b/crypto/src/crypto/parameters/KeyParameter.cs
@@ -27,7 +27,7 @@ namespace Org.BouncyCastle.Crypto.Parameters throw new ArgumentNullException("key"); if (keyOff < 0 || keyOff > key.Length) throw new ArgumentOutOfRangeException("keyOff"); - if (keyLen < 0 || (keyOff + keyLen) > key.Length) + if (keyLen < 0 || keyLen > (key.Length - keyOff)) throw new ArgumentOutOfRangeException("keyLen"); this.key = new byte[keyLen]; diff --git a/crypto/src/crypto/tls/AbstractTlsClient.cs b/crypto/src/crypto/tls/AbstractTlsClient.cs
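Review bot: The rewritten bound `keyLen > (key.Length - keyOff)` needs a comment saying why it is written as a subtraction, otherwise a later cleanup may turn it back into the additive form. I would add `// subtraction form: keyOff + keyLen can overflow int and wrap negative, which would pass the check` directly above it. The subtraction itself cannot go negative because the preceding check already bounds `keyOff`. A regression test with `keyLen = int.MaxValue` and a non-zero `keyOff` would pin the behaviour. The constructor signature is outside the hunk.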
index be4702e5e..bddbab87f 100644
--- a/crypto/src/crypto/tls/AbstractTlsClient.cs
+++ b/crypto/src/crypto/tls/AbstractTlsClient.cs
@@ -42,6 +42,16 @@ namespace Org.BouncyCastle.Crypto.Tls */ TlsEccUtilities.ReadSupportedEllipticCurvesExtension(extensionData); return true; + + case ExtensionType.ec_point_formats: + /* + * Exception added based on field reports that some servers send this even when they + * didn't negotiate an ECC cipher suite. If present, we still require that it is a valid + * ECPointFormatList. + */ + TlsEccUtilities.ReadSupportedPointFormatsExtension(extensionData); + return true; + default: return false; } diff --git a/crypto/src/ocsp/OCSPUtil.cs b/crypto/src/ocsp/OCSPUtil.cs
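Review bot: In the new `ExtensionType.ec_point_formats` case the result of `TlsEccUtilities.ReadSupportedPointFormatsExtension(extensionData)` is discarded, and the comment does not say that this is deliberate. A line such as `// parsed for validation only; a malformed list still aborts the handshake` would help, assuming the reader throws on bad input (it is not visible here). This case tolerates a server extension that strict handling would reject. The comment could therefore also note that subclasses needing strict behaviour can override the method. The enclosing switch starts outside the hunk.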
index cbc1e95f5..e42e7f84f 100644
--- a/crypto/src/ocsp/OCSPUtil.cs
+++ b/crypto/src/ocsp/OCSPUtil.cs
@@ -4,6 +4,7 @@ using System.Collections;
 using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.CryptoPro;
 using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Oiw;
 using Org.BouncyCastle.Asn1.Pkcs;
 using Org.BouncyCastle.Asn1.TeleTrust;
 using Org.BouncyCastle.Asn1.X509;
@@ -21,71 +22,74 @@ namespace Org.BouncyCastle.Ocsp static OcspUtilities() { - algorithms.Add("MD2WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD2WithRsaEncryption); - algorithms.Add("MD2WITHRSA", PkcsObjectIdentifiers.MD2WithRsaEncryption); - algorithms.Add("MD5WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD5WithRsaEncryption); - algorithms.Add("MD5WITHRSA", PkcsObjectIdentifiers.MD5WithRsaEncryption); - algorithms.Add("SHA1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption); - algorithms.Add("SHA1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption); - algorithms.Add("SHA224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption); - algorithms.Add("SHA224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption); - algorithms.Add("SHA256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption); - algorithms.Add("SHA256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption); - algorithms.Add("SHA384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption); - algorithms.Add("SHA384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption); - algorithms.Add("SHA512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption); - algorithms.Add("SHA512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption); - algorithms.Add("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); - algorithms.Add("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); - algorithms.Add("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); - algorithms.Add("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); - algorithms.Add("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); - algorithms.Add("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); - algorithms.Add("SHA1WITHDSA", X9ObjectIdentifiers.IdDsaWithSha1); - algorithms.Add("DSAWITHSHA1", X9ObjectIdentifiers.IdDsaWithSha1); - 
algorithms.Add("SHA224WITHDSA", NistObjectIdentifiers.DsaWithSha224); - algorithms.Add("SHA256WITHDSA", NistObjectIdentifiers.DsaWithSha256); - algorithms.Add("SHA1WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha1); - algorithms.Add("ECDSAWITHSHA1", X9ObjectIdentifiers.ECDsaWithSha1); - algorithms.Add("SHA224WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha224); - algorithms.Add("SHA256WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha256); - algorithms.Add("SHA384WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha384); - algorithms.Add("SHA512WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha512); - algorithms.Add("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); - algorithms.Add("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); + algorithms.Add("MD2WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD2WithRsaEncryption); + algorithms.Add("MD2WITHRSA", PkcsObjectIdentifiers.MD2WithRsaEncryption); + algorithms.Add("MD5WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD5WithRsaEncryption); + algorithms.Add("MD5WITHRSA", PkcsObjectIdentifiers.MD5WithRsaEncryption); + algorithms.Add("SHA1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("SHA1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("SHA224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption); + algorithms.Add("SHA224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption); + algorithms.Add("SHA256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption); + algorithms.Add("SHA256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption); + algorithms.Add("SHA384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption); + algorithms.Add("SHA384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption); + algorithms.Add("SHA512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption); + algorithms.Add("SHA512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption); + 
algorithms.Add("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); + algorithms.Add("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); + algorithms.Add("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); + algorithms.Add("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); + algorithms.Add("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); + algorithms.Add("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); + algorithms.Add("SHA1WITHDSA", X9ObjectIdentifiers.IdDsaWithSha1); + algorithms.Add("DSAWITHSHA1", X9ObjectIdentifiers.IdDsaWithSha1); + algorithms.Add("SHA224WITHDSA", NistObjectIdentifiers.DsaWithSha224); + algorithms.Add("SHA256WITHDSA", NistObjectIdentifiers.DsaWithSha256); + algorithms.Add("SHA1WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha1); + algorithms.Add("ECDSAWITHSHA1", X9ObjectIdentifiers.ECDsaWithSha1); + algorithms.Add("SHA224WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha224); + algorithms.Add("SHA256WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha256); + algorithms.Add("SHA384WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha384); + algorithms.Add("SHA512WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha512); + algorithms.Add("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); + algorithms.Add("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); - oids.Add(PkcsObjectIdentifiers.MD2WithRsaEncryption, "MD2WITHRSA"); - oids.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5WITHRSA"); - oids.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption, "SHA1WITHRSA"); - oids.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224WITHRSA"); - oids.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256WITHRSA"); - oids.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384WITHRSA"); - oids.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption, 
"SHA512WITHRSA"); - oids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160, "RIPEMD160WITHRSA"); - oids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128, "RIPEMD128WITHRSA"); - oids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256, "RIPEMD256WITHRSA"); - oids.Add(X9ObjectIdentifiers.IdDsaWithSha1, "SHA1WITHDSA"); - oids.Add(NistObjectIdentifiers.DsaWithSha224, "SHA224WITHDSA"); - oids.Add(NistObjectIdentifiers.DsaWithSha256, "SHA256WITHDSA"); - oids.Add(X9ObjectIdentifiers.ECDsaWithSha1, "SHA1WITHECDSA"); - oids.Add(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224WITHECDSA"); - oids.Add(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256WITHECDSA"); - oids.Add(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384WITHECDSA"); - oids.Add(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512WITHECDSA"); - oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, "GOST3411WITHGOST3410"); + oids.Add(PkcsObjectIdentifiers.MD2WithRsaEncryption, "MD2WITHRSA"); + oids.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption, "SHA1WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption, "SHA512WITHRSA"); + oids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160, "RIPEMD160WITHRSA"); + oids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128, "RIPEMD128WITHRSA"); + oids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256, "RIPEMD256WITHRSA"); + oids.Add(X9ObjectIdentifiers.IdDsaWithSha1, "SHA1WITHDSA"); + oids.Add(NistObjectIdentifiers.DsaWithSha224, "SHA224WITHDSA"); + oids.Add(NistObjectIdentifiers.DsaWithSha256, "SHA256WITHDSA"); + oids.Add(X9ObjectIdentifiers.ECDsaWithSha1, "SHA1WITHECDSA"); + oids.Add(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224WITHECDSA"); 
+ oids.Add(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256WITHECDSA"); + oids.Add(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384WITHECDSA"); + oids.Add(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512WITHECDSA"); + oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, "GOST3411WITHGOST3410"); + oids.Add(OiwObjectIdentifiers.MD5WithRsa, "MD5WITHRSA"); + oids.Add(OiwObjectIdentifiers.Sha1WithRsa, "SHA1WITHRSA"); + oids.Add(OiwObjectIdentifiers.DsaWithSha1, "SHA1WITHDSA"); - // - // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. - // The parameters field SHALL be NULL for RSA based signature algorithms. - // - noParams.Add(X9ObjectIdentifiers.ECDsaWithSha1); - noParams.Add(X9ObjectIdentifiers.ECDsaWithSha224); - noParams.Add(X9ObjectIdentifiers.ECDsaWithSha256); - noParams.Add(X9ObjectIdentifiers.ECDsaWithSha384); - noParams.Add(X9ObjectIdentifiers.ECDsaWithSha512); - noParams.Add(X9ObjectIdentifiers.IdDsaWithSha1); - noParams.Add(NistObjectIdentifiers.DsaWithSha224); - noParams.Add(NistObjectIdentifiers.DsaWithSha256); + // + // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. + // The parameters field SHALL be NULL for RSA based signature algorithms. + // + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha1); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha224); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha256); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha384); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha512); + noParams.Add(X9ObjectIdentifiers.IdDsaWithSha1); + noParams.Add(NistObjectIdentifiers.DsaWithSha224); + noParams.Add(NistObjectIdentifiers.DsaWithSha256); } internal static DerObjectIdentifier GetAlgorithmOid( diff --git a/crypto/src/pkcs/Pkcs10CertificationRequest.cs b/crypto/src/pkcs/Pkcs10CertificationRequest.cs
index c2504e6e5..24dc9b1cc 100644
--- a/crypto/src/pkcs/Pkcs10CertificationRequest.cs
+++ b/crypto/src/pkcs/Pkcs10CertificationRequest.cs
@@ -55,13 +55,13 @@ namespace Org.BouncyCastle.Pkcs static Pkcs10CertificationRequest() { - algorithms.Add("MD2WITHRSAENCRYPTION", new DerObjectIdentifier("1.2.840.113549.1.1.2")); - algorithms.Add("MD2WITHRSA", new DerObjectIdentifier("1.2.840.113549.1.1.2")); - algorithms.Add("MD5WITHRSAENCRYPTION", new DerObjectIdentifier("1.2.840.113549.1.1.4")); - algorithms.Add("MD5WITHRSA", new DerObjectIdentifier("1.2.840.113549.1.1.4")); - algorithms.Add("RSAWITHMD5", new DerObjectIdentifier("1.2.840.113549.1.1.4")); - algorithms.Add("SHA1WITHRSAENCRYPTION", new DerObjectIdentifier("1.2.840.113549.1.1.5")); - algorithms.Add("SHA1WITHRSA", new DerObjectIdentifier("1.2.840.113549.1.1.5")); + algorithms.Add("MD2WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD2WithRsaEncryption); + algorithms.Add("MD2WITHRSA", PkcsObjectIdentifiers.MD2WithRsaEncryption); + algorithms.Add("MD5WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD5WithRsaEncryption); + algorithms.Add("MD5WITHRSA", PkcsObjectIdentifiers.MD5WithRsaEncryption); + algorithms.Add("RSAWITHMD5", PkcsObjectIdentifiers.MD5WithRsaEncryption); + algorithms.Add("SHA1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("SHA1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption); algorithms.Add("SHA224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption); algorithms.Add("SHA224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption); algorithms.Add("SHA256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption); 
@@ -75,15 +75,15 @@ namespace Org.BouncyCastle.Pkcs algorithms.Add("SHA256WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); algorithms.Add("SHA384WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); algorithms.Add("SHA512WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); - algorithms.Add("RSAWITHSHA1", new DerObjectIdentifier("1.2.840.113549.1.1.5")); + algorithms.Add("RSAWITHSHA1", PkcsObjectIdentifiers.Sha1WithRsaEncryption); algorithms.Add("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); algorithms.Add("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); algorithms.Add("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); algorithms.Add("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); algorithms.Add("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); algorithms.Add("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); - algorithms.Add("SHA1WITHDSA", new DerObjectIdentifier("1.2.840.10040.4.3")); - algorithms.Add("DSAWITHSHA1", new DerObjectIdentifier("1.2.840.10040.4.3")); + algorithms.Add("SHA1WITHDSA", X9ObjectIdentifiers.IdDsaWithSha1); + algorithms.Add("DSAWITHSHA1", X9ObjectIdentifiers.IdDsaWithSha1); algorithms.Add("SHA224WITHDSA", NistObjectIdentifiers.DsaWithSha224); algorithms.Add("SHA256WITHDSA", NistObjectIdentifiers.DsaWithSha256); algorithms.Add("SHA384WITHDSA", NistObjectIdentifiers.DsaWithSha384); 
@@ -103,26 +103,27 @@ namespace Org.BouncyCastle.Pkcs // // reverse mappings // - oids.Add(new DerObjectIdentifier("1.2.840.113549.1.1.5"), "SHA1WITHRSA"); - oids.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224WITHRSA"); - oids.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256WITHRSA"); - oids.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384WITHRSA"); - oids.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption, "SHA512WITHRSA"); - oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, "GOST3411WITHGOST3410"); - oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001, "GOST3411WITHECGOST3410"); - - oids.Add(new DerObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA"); - oids.Add(new DerObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA"); - oids.Add(new DerObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA"); - oids.Add(X9ObjectIdentifiers.ECDsaWithSha1, "SHA1WITHECDSA"); - oids.Add(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224WITHECDSA"); - oids.Add(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256WITHECDSA"); - oids.Add(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384WITHECDSA"); - oids.Add(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512WITHECDSA"); - oids.Add(OiwObjectIdentifiers.Sha1WithRsa, "SHA1WITHRSA"); - oids.Add(OiwObjectIdentifiers.DsaWithSha1, "SHA1WITHDSA"); - oids.Add(NistObjectIdentifiers.DsaWithSha224, "SHA224WITHDSA"); - oids.Add(NistObjectIdentifiers.DsaWithSha256, "SHA256WITHDSA"); + oids.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption, "SHA1WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption, "SHA512WITHRSA"); + oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, "GOST3411WITHGOST3410"); + 
oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001, "GOST3411WITHECGOST3410"); + + oids.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5WITHRSA"); + oids.Add(PkcsObjectIdentifiers.MD2WithRsaEncryption, "MD2WITHRSA"); + oids.Add(X9ObjectIdentifiers.IdDsaWithSha1, "SHA1WITHDSA"); + oids.Add(X9ObjectIdentifiers.ECDsaWithSha1, "SHA1WITHECDSA"); + oids.Add(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224WITHECDSA"); + oids.Add(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256WITHECDSA"); + oids.Add(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384WITHECDSA"); + oids.Add(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512WITHECDSA"); + oids.Add(OiwObjectIdentifiers.MD5WithRsa, "MD5WITHRSA"); + oids.Add(OiwObjectIdentifiers.Sha1WithRsa, "SHA1WITHRSA"); + oids.Add(OiwObjectIdentifiers.DsaWithSha1, "SHA1WITHDSA"); + oids.Add(NistObjectIdentifiers.DsaWithSha224, "SHA224WITHDSA"); + oids.Add(NistObjectIdentifiers.DsaWithSha256, "SHA256WITHDSA"); // // key types diff --git a/crypto/src/security/PrivateKeyFactory.cs b/crypto/src/security/PrivateKeyFactory.cs
index 8c2ecfdb0..c9e19cc7d 100644
--- a/crypto/src/security/PrivateKeyFactory.cs
+++ b/crypto/src/security/PrivateKeyFactory.cs
@@ -143,8 +143,7 @@ namespace Org.BouncyCastle.Security if (privKey is DerInteger) { - // TODO Do we need to pass any parameters here? - ec = new ECPrivateKeyStructure(ecP.N.BitLength, ((DerInteger)privKey).Value); + ec = new ECPrivateKeyStructure(ecP.N.BitLength, ((DerInteger)privKey).PositiveValue); } else { @@ -155,14 +154,22 @@ namespace Org.BouncyCastle.Security } else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94)) { - Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters( - Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object())); + Gost3410PublicKeyAlgParameters gostParams = Gost3410PublicKeyAlgParameters.GetInstance(algID.Parameters); - DerOctetString derX = (DerOctetString)keyInfo.ParsePrivateKey(); - BigInteger x = new BigInteger(1, Arrays.Reverse(derX.GetOctets())); + Asn1Object privKey = keyInfo.ParsePrivateKey(); + BigInteger x; - return new Gost3410PrivateKeyParameters(x, gostParams.PublicKeyParamSet); - } + if (privKey is DerInteger) + { + x = DerInteger.GetInstance(privKey).PositiveValue; + } + else + { + x = new BigInteger(1, Arrays.Reverse(Asn1OctetString.GetInstance(privKey).GetOctets())); + } + + return new Gost3410PrivateKeyParameters(x, gostParams.PublicKeyParamSet); + } else { throw new SecurityUtilityException("algorithm identifier in key not recognised"); diff --git a/crypto/src/security/SignerUtilities.cs b/crypto/src/security/SignerUtilities.cs
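Review bot: The new GOST R 34.10-94 branch decodes the private value in two different ways and has no comment saying why. A `DerInteger` is taken as-is through `PositiveValue`, while an octet string is byte-reversed before `new BigInteger(1, ...)`. I would put `// INTEGER form is big-endian; the OCTET STRING form is little-endian and must be reversed` above the `if`. Both this branch and the EC branch above now use `PositiveValue`, which accepts an encoding that would otherwise decode as negative instead of rejecting it. Neither hunk shows a check that the scalar is non-zero and below the group order; if `Gost3410PrivateKeyParameters` and the EC path do not already enforce that, a malformed PKCS#8 blob yields an unusable key instead of an error. The enclosing method starts and ends outside the hunk.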
index 9a4915b46..44281503a 100644
--- a/crypto/src/security/SignerUtilities.cs
+++ b/crypto/src/security/SignerUtilities.cs
@@ -5,6 +5,7 @@ using System.IO; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.CryptoPro; using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.TeleTrust; using Org.BouncyCastle.Asn1.X509; @@ -39,15 +40,19 @@ namespace Org.BouncyCastle.Security algorithms["MD4WITHRSA"] = "MD4withRSA"; algorithms["MD4WITHRSAENCRYPTION"] = "MD4withRSA"; algorithms[PkcsObjectIdentifiers.MD4WithRsaEncryption.Id] = "MD4withRSA"; + algorithms[OiwObjectIdentifiers.MD4WithRsa.Id] = "MD4withRSA"; + algorithms[OiwObjectIdentifiers.MD4WithRsaEncryption.Id] = "MD4withRSA"; - algorithms["MD5WITHRSA"] = "MD5withRSA"; + algorithms["MD5WITHRSA"] = "MD5withRSA"; algorithms["MD5WITHRSAENCRYPTION"] = "MD5withRSA"; algorithms[PkcsObjectIdentifiers.MD5WithRsaEncryption.Id] = "MD5withRSA"; + algorithms[OiwObjectIdentifiers.MD5WithRsa.Id] = "MD5withRSA"; algorithms["SHA1WITHRSA"] = "SHA-1withRSA"; algorithms["SHA1WITHRSAENCRYPTION"] = "SHA-1withRSA"; - algorithms[PkcsObjectIdentifiers.Sha1WithRsaEncryption.Id] = "SHA-1withRSA"; algorithms["SHA-1WITHRSA"] = "SHA-1withRSA"; + algorithms[PkcsObjectIdentifiers.Sha1WithRsaEncryption.Id] = "SHA-1withRSA"; + algorithms[OiwObjectIdentifiers.Sha1WithRsa.Id] = "SHA-1withRSA"; algorithms["SHA224WITHRSA"] = "SHA-224withRSA"; algorithms["SHA224WITHRSAENCRYPTION"] = "SHA-224withRSA"; @@ -132,6 +137,7 @@ namespace Org.BouncyCastle.Security algorithms["SHA1WITHDSA"] = "SHA-1withDSA"; algorithms["SHA-1WITHDSA"] = "SHA-1withDSA"; algorithms[X9ObjectIdentifiers.IdDsaWithSha1.Id] = "SHA-1withDSA"; + algorithms[OiwObjectIdentifiers.DsaWithSha1.Id] = "SHA-1withDSA"; algorithms["DSAWITHSHA224"] = "SHA-224withDSA"; algorithms["DSAWITHSHA-224"] = "SHA-224withDSA"; diff --git a/crypto/src/tsp/TSPUtil.cs b/crypto/src/tsp/TSPUtil.cs
index 1026914f4..dc8ed3c21 100644
--- a/crypto/src/tsp/TSPUtil.cs
+++ b/crypto/src/tsp/TSPUtil.cs
@@ -28,32 +28,36 @@ namespace Org.BouncyCastle.Tsp static TspUtil() { - digestLengths.Add(PkcsObjectIdentifiers.MD5.Id, 16); - digestLengths.Add(OiwObjectIdentifiers.IdSha1.Id, 20); - digestLengths.Add(NistObjectIdentifiers.IdSha224.Id, 28); - digestLengths.Add(NistObjectIdentifiers.IdSha256.Id, 32); - digestLengths.Add(NistObjectIdentifiers.IdSha384.Id, 48); - digestLengths.Add(NistObjectIdentifiers.IdSha512.Id, 64); - digestLengths.Add(TeleTrusTObjectIdentifiers.RipeMD128.Id, 16); - digestLengths.Add(TeleTrusTObjectIdentifiers.RipeMD160.Id, 20); - digestLengths.Add(TeleTrusTObjectIdentifiers.RipeMD256.Id, 32); - digestLengths.Add(CryptoProObjectIdentifiers.GostR3411.Id, 32); - - digestNames.Add(PkcsObjectIdentifiers.MD5.Id, "MD5"); - digestNames.Add(OiwObjectIdentifiers.IdSha1.Id, "SHA1"); - digestNames.Add(NistObjectIdentifiers.IdSha224.Id, "SHA224"); - digestNames.Add(NistObjectIdentifiers.IdSha256.Id, "SHA256"); - digestNames.Add(NistObjectIdentifiers.IdSha384.Id, "SHA384"); - digestNames.Add(NistObjectIdentifiers.IdSha512.Id, "SHA512"); + digestLengths.Add(PkcsObjectIdentifiers.MD5.Id, 16); + digestLengths.Add(OiwObjectIdentifiers.IdSha1.Id, 20); + digestLengths.Add(NistObjectIdentifiers.IdSha224.Id, 28); + digestLengths.Add(NistObjectIdentifiers.IdSha256.Id, 32); + digestLengths.Add(NistObjectIdentifiers.IdSha384.Id, 48); + digestLengths.Add(NistObjectIdentifiers.IdSha512.Id, 64); + digestLengths.Add(TeleTrusTObjectIdentifiers.RipeMD128.Id, 16); + digestLengths.Add(TeleTrusTObjectIdentifiers.RipeMD160.Id, 20); + digestLengths.Add(TeleTrusTObjectIdentifiers.RipeMD256.Id, 32); + digestLengths.Add(CryptoProObjectIdentifiers.GostR3411.Id, 32); + + digestNames.Add(PkcsObjectIdentifiers.MD5.Id, "MD5"); + digestNames.Add(OiwObjectIdentifiers.IdSha1.Id, "SHA1"); + digestNames.Add(NistObjectIdentifiers.IdSha224.Id, "SHA224"); + digestNames.Add(NistObjectIdentifiers.IdSha256.Id, "SHA256"); + digestNames.Add(NistObjectIdentifiers.IdSha384.Id, "SHA384"); + 
digestNames.Add(NistObjectIdentifiers.IdSha512.Id, "SHA512"); + digestNames.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5"); digestNames.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption.Id, "SHA1"); - digestNames.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption.Id, "SHA224"); - digestNames.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption.Id, "SHA256"); - digestNames.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption.Id, "SHA384"); - digestNames.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption.Id, "SHA512"); - digestNames.Add(TeleTrusTObjectIdentifiers.RipeMD128.Id, "RIPEMD128"); - digestNames.Add(TeleTrusTObjectIdentifiers.RipeMD160.Id, "RIPEMD160"); - digestNames.Add(TeleTrusTObjectIdentifiers.RipeMD256.Id, "RIPEMD256"); - digestNames.Add(CryptoProObjectIdentifiers.GostR3411.Id, "GOST3411"); + digestNames.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption.Id, "SHA224"); + digestNames.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption.Id, "SHA256"); + digestNames.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption.Id, "SHA384"); + digestNames.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption.Id, "SHA512"); + digestNames.Add(TeleTrusTObjectIdentifiers.RipeMD128.Id, "RIPEMD128"); + digestNames.Add(TeleTrusTObjectIdentifiers.RipeMD160.Id, "RIPEMD160"); + digestNames.Add(TeleTrusTObjectIdentifiers.RipeMD256.Id, "RIPEMD256"); + digestNames.Add(CryptoProObjectIdentifiers.GostR3411.Id, "GOST3411"); + digestNames.Add(OiwObjectIdentifiers.DsaWithSha1.Id, "SHA1"); + digestNames.Add(OiwObjectIdentifiers.Sha1WithRsa.Id, "SHA1"); + digestNames.Add(OiwObjectIdentifiers.MD5WithRsa, "MD5"); }
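Review bot: Two of the added `digestNames` entries use the identifier object as the key instead of its string id: `digestNames.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5");` and `digestNames.Add(OiwObjectIdentifiers.MD5WithRsa, "MD5");`. Every other entry in this static constructor is keyed by `.Id`, so if lookups use the OID string (the lookup code is outside the hunk) these two entries will never match. They should read `digestNames.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption.Id, "MD5");` and `digestNames.Add(OiwObjectIdentifiers.MD5WithRsa.Id, "MD5");`. A test that resolves each registered OID string back to its digest name would catch this kind of slip.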