From 7bd0d90741a85da07c6949007e5e020c829a65fa Mon Sep 17 00:00:00 2001 From: Peter Dettman Date: Mon, 24 Jul 2023 16:49:28 +0700 Subject: Refactoring in Cms --- crypto/src/cms/CMSEnvelopedGenerator.cs | 14 +++++++-- crypto/src/cms/KeyAgreeRecipientInformation.cs | 43 +++++++++++++------------- crypto/test/src/test/DHTest.cs | 37 +++++++++++----------- 3 files changed, 50 insertions(+), 44 deletions(-) diff --git a/crypto/src/cms/CMSEnvelopedGenerator.cs b/crypto/src/cms/CMSEnvelopedGenerator.cs index 702afc664..3a7ef8f3f 100644 --- a/crypto/src/cms/CMSEnvelopedGenerator.cs +++ b/crypto/src/cms/CMSEnvelopedGenerator.cs @@ -3,6 +3,7 @@ using System.Collections.Generic; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.CryptoPro; using Org.BouncyCastle.Asn1.Kisa; using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Asn1.Ntt; @@ -79,10 +80,13 @@ namespace Org.BouncyCastle.Cms public static readonly string DesCbc = OiwObjectIdentifiers.DesCbc.Id; public static readonly string DesEde3Cbc = PkcsObjectIdentifiers.DesEde3Cbc.Id; public static readonly string RC2Cbc = PkcsObjectIdentifiers.RC2Cbc.Id; - // TODO[api] Change these to static readonly (and ideally find actual OIDs) + // TODO[api] Change to static readonly public const string IdeaCbc = "1.3.6.1.4.1.188.7.1.1.2"; - public const string Cast5Cbc = "1.2.840.113533.7.66.10"; - public static readonly string Aes128Cbc = NistObjectIdentifiers.IdAes128Cbc.Id; + //public static readonly string IdeaCbc = MiscObjectIdentifiers.as_sys_sec_alg_ideaCBC.Id; + // TODO[api] Change to static readonly + public const string Cast5Cbc = "1.2.840.113533.7.66.10"; + //public static readonly string CastCbc = MiscObjectIdentifiers.cast5CBC.Id; + public static readonly string Aes128Cbc = NistObjectIdentifiers.IdAes128Cbc.Id; public static readonly string Aes192Cbc = NistObjectIdentifiers.IdAes192Cbc.Id; public static readonly string Aes256Cbc = NistObjectIdentifiers.IdAes256Cbc.Id; public static readonly string Aes128Ccm = NistObjectIdentifiers.IdAes128Ccm.Id; @@ -105,6 +109,10 @@ namespace Org.BouncyCastle.Cms public static readonly string Camellia256Wrap = NttObjectIdentifiers.IdCamellia256Wrap.Id; public static readonly string SeedWrap = KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap.Id; + public static readonly string Gost28147Wrap = CryptoProObjectIdentifiers.id_Gost28147_89_None_KeyWrap.Id; + public static readonly string Gost28147CryptoProWrap = CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap.Id; + + public static readonly string ECCDHSha1Kdf = X9ObjectIdentifiers.DHSinglePassCofactorDHSha1KdfScheme.Id; public static readonly string ECDHSha1Kdf = X9ObjectIdentifiers.DHSinglePassStdDHSha1KdfScheme.Id; public static readonly string ECMqvSha1Kdf = X9ObjectIdentifiers.MqvSinglePassSha1KdfScheme.Id; public static readonly string ECMqvSha224Kdf = SecObjectIdentifiers.mqvSinglePass_sha224kdf_scheme.Id; diff --git a/crypto/src/cms/KeyAgreeRecipientInformation.cs b/crypto/src/cms/KeyAgreeRecipientInformation.cs index 32679803d..893b88b73 100644 --- a/crypto/src/cms/KeyAgreeRecipientInformation.cs +++ b/crypto/src/cms/KeyAgreeRecipientInformation.cs @@ -5,6 +5,7 @@ using System.IO; using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cms; using Org.BouncyCastle.Asn1.Cms.Ecc; +using Org.BouncyCastle.Asn1.CryptoPro; using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Asn1.X9; @@ -23,8 +24,8 @@ namespace Org.BouncyCastle.Cms public class KeyAgreeRecipientInformation : RecipientInformation { - private KeyAgreeRecipientInfo info; - private Asn1OctetString encryptedKey; + private readonly KeyAgreeRecipientInfo m_info; + private readonly Asn1OctetString m_encryptedKey; internal static void ReadRecipientInfo(IList infos, KeyAgreeRecipientInfo info, CmsSecureReadable secureReadable) @@ -64,30 +65,24 @@ namespace Org.BouncyCastle.Cms } } - internal KeyAgreeRecipientInformation( - KeyAgreeRecipientInfo info, - RecipientID rid, - Asn1OctetString encryptedKey, - CmsSecureReadable secureReadable) + internal KeyAgreeRecipientInformation(KeyAgreeRecipientInfo info, RecipientID rid, Asn1OctetString encryptedKey, + CmsSecureReadable secureReadable) : base(info.KeyEncryptionAlgorithm, secureReadable) { - this.info = info; + m_info = info; this.rid = rid; - this.encryptedKey = encryptedKey; + m_encryptedKey = encryptedKey; } - private AsymmetricKeyParameter GetSenderPublicKey( - AsymmetricKeyParameter receiverPrivateKey, - OriginatorIdentifierOrKey originator) + private AsymmetricKeyParameter GetSenderPublicKey(AsymmetricKeyParameter receiverPrivateKey, + OriginatorIdentifierOrKey originator) { OriginatorPublicKey opk = originator.OriginatorPublicKey; if (opk != null) - { return GetPublicKeyFromOriginatorPublicKey(receiverPrivateKey, opk); - } - + OriginatorID origID = new OriginatorID(); - + Asn1.Cms.IssuerAndSerialNumber iAndSN = originator.IssuerAndSerialNumber; if (iAndSN != null) { @@ -131,7 +126,7 @@ namespace Org.BouncyCastle.Cms if (agreeAlgID.Id.Equals(CmsEnvelopedGenerator.ECMqvSha1Kdf)) { - byte[] ukmEncoding = info.UserKeyingMaterial.GetOctets(); + byte[] ukmEncoding = m_info.UserKeyingMaterial.GetOctets(); MQVuserKeyingMaterial ukm = MQVuserKeyingMaterial.GetInstance( Asn1Object.FromByteArray(ukmEncoding)); @@ -157,7 +152,7 @@ namespace Org.BouncyCastle.Cms private KeyParameter UnwrapSessionKey(DerObjectIdentifier wrapAlgOid, KeyParameter agreedKey) { - byte[] encKeyOctets = encryptedKey.GetOctets(); + byte[] encKeyOctets = m_encryptedKey.GetOctets(); IWrapper keyCipher = WrapperUtilities.GetWrapper(wrapAlgOid); keyCipher.Init(false, agreedKey); @@ -165,18 +160,22 @@ namespace Org.BouncyCastle.Cms return ParameterUtilities.CreateKeyParameter(GetContentAlgorithmName(), sKeyBytes); } - internal KeyParameter GetSessionKey( - AsymmetricKeyParameter receiverPrivateKey) + internal KeyParameter GetSessionKey(AsymmetricKeyParameter receiverPrivateKey) { try { var wrapAlgOid = DerObjectIdentifier.GetInstance(Asn1Sequence.GetInstance(keyEncAlg.Parameters)[0]); - AsymmetricKeyParameter senderPublicKey = GetSenderPublicKey( - receiverPrivateKey, info.Originator); + AsymmetricKeyParameter senderPublicKey = GetSenderPublicKey(receiverPrivateKey, m_info.Originator); KeyParameter agreedWrapKey = CalculateAgreedWrapKey(wrapAlgOid, senderPublicKey, receiverPrivateKey); + if (CryptoProObjectIdentifiers.id_Gost28147_89_None_KeyWrap.Equals(wrapAlgOid) || + CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap.Equals(wrapAlgOid)) + { + // TODO[cms] GOST key wrapping + } + return UnwrapSessionKey(wrapAlgOid, agreedWrapKey); } catch (SecurityUtilityException e) diff --git a/crypto/test/src/test/DHTest.cs b/crypto/test/src/test/DHTest.cs index 7d36c53b1..073bc1bb1 100644 --- a/crypto/test/src/test/DHTest.cs +++ b/crypto/test/src/test/DHTest.cs @@ -77,7 +77,7 @@ namespace Org.BouncyCastle.Tests get { return "DH"; } } - private void doTestGP( + private void ImplTestGP( string algName, int size, int privateValueSize, @@ -279,7 +279,7 @@ namespace Org.BouncyCastle.Tests } } - private void doTestExplicitWrapping( + private void ImplTestExplicitWrapping( int size, int privateValueSize, BigInteger g, @@ -348,8 +348,7 @@ namespace Org.BouncyCastle.Tests } // TODO Put back in -// private void doTestRandom( -// int size) +// private void ImplTestRandom(int size) // { // AlgorithmParameterGenerator a = AlgorithmParameterGenerator.getInstance("DH"); // a.init(size, new SecureRandom()); @@ -370,22 +369,22 @@ namespace Org.BouncyCastle.Tests // // DHParameterSpec dhP = (DHParameterSpec)parameters.getParameterSpec(DHParameterSpec.class); // -// doTestGP("DH", size, 0, dhP.G, dhP.P); +// ImplTestGP("DH", size, 0, dhP.G, dhP.P); // } [Test] public void TestECDH() { - DoTestECDH("ECDH"); + ImplTestECDH("ECDH"); } [Test] public void TestECDHC() { - DoTestECDH("ECDHC"); + ImplTestECDH("ECDHC"); } - private void DoTestECDH(string algorithm) + private void ImplTestECDH(string algorithm) { IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator(algorithm); @@ -502,7 +501,7 @@ namespace Org.BouncyCastle.Tests } } - private void doTestDesAndDesEde( + private void ImplTestDesAndDesEde( BigInteger g, BigInteger p) { @@ -559,17 +558,17 @@ namespace Org.BouncyCastle.Tests [Test] public void TestFunction() { - doTestGP("DH", 512, 0, g512, p512); - doTestGP("DiffieHellman", 768, 0, g768, p768); - doTestGP("DIFFIEHELLMAN", 1024, 0, g1024, p1024); - doTestGP("DH", 512, 64, g512, p512); - doTestGP("DiffieHellman", 768, 128, g768, p768); - doTestGP("DIFFIEHELLMAN", 1024, 256, g1024, p1024); - doTestExplicitWrapping(512, 0, g512, p512); - doTestDesAndDesEde(g768, p768); - + ImplTestGP("DH", 512, 0, g512, p512); + ImplTestGP("DiffieHellman", 768, 0, g768, p768); + ImplTestGP("DIFFIEHELLMAN", 1024, 0, g1024, p1024); + ImplTestGP("DH", 512, 64, g512, p512); + ImplTestGP("DiffieHellman", 768, 128, g768, p768); + ImplTestGP("DIFFIEHELLMAN", 1024, 256, g1024, p1024); + ImplTestExplicitWrapping(512, 0, g512, p512); // TODO Put back in - //doTestRandom(256); + //ImplTestRandom(256); + + ImplTestDesAndDesEde(g768, p768); } [Test] -- cgit 1.4.1