From 3a1d465dcde21e2cc5fa0589a2cbbde1f08fb681 Mon Sep 17 00:00:00 2001 From: Peter Dettman Date: Sat, 22 Jul 2023 15:31:33 +0700 Subject: Add explanatory comment for "wrong AES OIDs" --- crypto/src/security/GeneratorUtilities.cs | 6 +++--- crypto/src/security/ParameterUtilities.cs | 6 +++--- crypto/src/security/SecurityUtilities.cs | 13 +++++++++++++ 3 files changed, 19 insertions(+), 6 deletions(-) create mode 100644 crypto/src/security/SecurityUtilities.cs diff --git a/crypto/src/security/GeneratorUtilities.cs b/crypto/src/security/GeneratorUtilities.cs index cb6ca9c1b..e9525b377 100644 --- a/crypto/src/security/GeneratorUtilities.cs +++ b/crypto/src/security/GeneratorUtilities.cs @@ -38,7 +38,7 @@ namespace Org.BouncyCastle.Security AddKgAlgorithm("AES", "AESWRAP"); AddKgAlgorithm("AES128", - "2.16.840.1.101.3.4.2", + SecurityUtilities.WrongAes128, NistObjectIdentifiers.IdAes128Cbc, NistObjectIdentifiers.IdAes128Ccm, NistObjectIdentifiers.IdAes128Cfb, @@ -47,7 +47,7 @@ namespace Org.BouncyCastle.Security NistObjectIdentifiers.IdAes128Ofb, NistObjectIdentifiers.IdAes128Wrap); AddKgAlgorithm("AES192", - "2.16.840.1.101.3.4.22", + SecurityUtilities.WrongAes192, NistObjectIdentifiers.IdAes192Cbc, NistObjectIdentifiers.IdAes192Ccm, NistObjectIdentifiers.IdAes192Cfb, @@ -56,7 +56,7 @@ namespace Org.BouncyCastle.Security NistObjectIdentifiers.IdAes192Ofb, NistObjectIdentifiers.IdAes192Wrap); AddKgAlgorithm("AES256", - "2.16.840.1.101.3.4.42", + SecurityUtilities.WrongAes256, NistObjectIdentifiers.IdAes256Cbc, NistObjectIdentifiers.IdAes256Ccm, NistObjectIdentifiers.IdAes256Cfb, diff --git a/crypto/src/security/ParameterUtilities.cs b/crypto/src/security/ParameterUtilities.cs index d393e3d36..c1f4492b3 100644 --- a/crypto/src/security/ParameterUtilities.cs +++ b/crypto/src/security/ParameterUtilities.cs @@ -29,7 +29,7 @@ namespace Org.BouncyCastle.Security AddAlgorithm("AES", "AESWRAP"); AddAlgorithm("AES128", - "2.16.840.1.101.3.4.2", + SecurityUtilities.WrongAes128, NistObjectIdentifiers.IdAes128Cbc, NistObjectIdentifiers.IdAes128Ccm, NistObjectIdentifiers.IdAes128Cfb, @@ -38,7 +38,7 @@ namespace Org.BouncyCastle.Security NistObjectIdentifiers.IdAes128Ofb, NistObjectIdentifiers.IdAes128Wrap); AddAlgorithm("AES192", - "2.16.840.1.101.3.4.22", + SecurityUtilities.WrongAes192, NistObjectIdentifiers.IdAes192Cbc, NistObjectIdentifiers.IdAes192Ccm, NistObjectIdentifiers.IdAes192Cfb, @@ -47,7 +47,7 @@ namespace Org.BouncyCastle.Security NistObjectIdentifiers.IdAes192Ofb, NistObjectIdentifiers.IdAes192Wrap); AddAlgorithm("AES256", - "2.16.840.1.101.3.4.42", + SecurityUtilities.WrongAes256, NistObjectIdentifiers.IdAes256Cbc, NistObjectIdentifiers.IdAes256Ccm, NistObjectIdentifiers.IdAes256Cfb, diff --git a/crypto/src/security/SecurityUtilities.cs b/crypto/src/security/SecurityUtilities.cs new file mode 100644 index 000000000..ff24c6e1e --- /dev/null +++ b/crypto/src/security/SecurityUtilities.cs @@ -0,0 +1,13 @@ +namespace Org.BouncyCastle.Security +{ + internal static class SecurityUtilities + { + /* + * These three got introduced in some messages as a result of a typo in an early document. We don't produce + * anything using these OID values, but we'll read them. + */ + internal static readonly string WrongAes128 = "2.16.840.1.101.3.4.2"; + internal static readonly string WrongAes192 = "2.16.840.1.101.3.4.22"; + internal static readonly string WrongAes256 = "2.16.840.1.101.3.4.42"; + } +} -- cgit 1.4.1