From a35474d76646504318907bb3bd33e179fbecd997 Mon Sep 17 00:00:00 2001
From: Peter Dettman
Date: Fri, 10 May 2024 20:56:16 +0700
Subject: Fix CMS recipient selection by SubjectKeyIdentifier - see https://github.com/bcgit/bc-csharp/issues/532
---
 crypto/src/cms/KeyAgreeRecipientInformation.cs | 4 ++--
 crypto/src/cms/KeyTransRecipientInformation.cs | 2 +-
 crypto/src/cms/SignerInformation.cs | 2 +-
 crypto/src/x509/store/X509CertStoreSelector.cs | 8 +++++++-
 4 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/crypto/src/cms/KeyAgreeRecipientInformation.cs b/crypto/src/cms/KeyAgreeRecipientInformation.cs
index 893b88b73..f368cb211 100644
--- a/crypto/src/cms/KeyAgreeRecipientInformation.cs
+++ b/crypto/src/cms/KeyAgreeRecipientInformation.cs
@@ -52,7 +52,7 @@ namespace Org.BouncyCastle.Cms
 // Note: 'date' and 'other' fields of RecipientKeyIdentifier appear to be only informational
- rid.SubjectKeyIdentifier = rKeyID.SubjectKeyIdentifier.GetOctets();
+ rid.SubjectKeyIdentifier = rKeyID.SubjectKeyIdentifier.GetEncoded(Asn1Encodable.Der);
 }
 infos.Add(new KeyAgreeRecipientInformation(info, rid, id.EncryptedKey,
@@ -93,7 +93,7 @@ namespace Org.BouncyCastle.Cms
 {
 SubjectKeyIdentifier ski = originator.SubjectKeyIdentifier;
- origID.SubjectKeyIdentifier = ski.GetKeyIdentifier();
+ origID.SubjectKeyIdentifier = ski.GetEncoded(Asn1Encodable.Der);
 }
 return GetPublicKeyFromOriginatorID(origID);
diff --git a/crypto/src/cms/KeyTransRecipientInformation.cs b/crypto/src/cms/KeyTransRecipientInformation.cs
index 2a40fed06..e09e6015f 100644
--- a/crypto/src/cms/KeyTransRecipientInformation.cs
+++ b/crypto/src/cms/KeyTransRecipientInformation.cs
@@ -40,7 +40,7 @@ namespace Org.BouncyCastle.Cms
 {
 Asn1OctetString octs = Asn1OctetString.GetInstance(r.ID);
- rid.SubjectKeyIdentifier = octs.GetOctets();
+ rid.SubjectKeyIdentifier = octs.GetEncoded(Asn1Encodable.Der);
 }
 else
 {
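Review bot: The value assigned to `SubjectKeyIdentifier` in KeyAgreeRecipientInformation.cs (@@ -52 and @@ -93) and KeyTransRecipientInformation.cs (@@ -40) changes from the raw key identifier octets to a DER-encoded OCTET STRING, and nothing at these call sites records why. Callers that read this property from a recipient, or that build their own selector from raw octets to look a recipient up, may stop matching without any error, so the change should be called out in the release notes. A one-line comment at each assignment, SignerInformation.cs (@@ -58) included, would keep the encodings from drifting apart again: `// selector expects the DER-encoded OCTET STRING, not the raw key identifier octets`. The diffstat lists no test file, so a regression test that selects a certificate by SubjectKeyIdentifier for each recipient type is worth adding; the enclosing methods start and end outside these hunks.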
diff --git a/crypto/src/cms/SignerInformation.cs b/crypto/src/cms/SignerInformation.cs
index df6624f99..28f1ecfa9 100644
--- a/crypto/src/cms/SignerInformation.cs
+++ b/crypto/src/cms/SignerInformation.cs
@@ -58,7 +58,7 @@ namespace Org.BouncyCastle.Cms
 {
 Asn1OctetString octs = Asn1OctetString.GetInstance(s.ID);
- sid.SubjectKeyIdentifier = octs.GetEncoded();
+ sid.SubjectKeyIdentifier = octs.GetEncoded(Asn1Encodable.Der);
 }
 else
 {
diff --git a/crypto/src/x509/store/X509CertStoreSelector.cs b/crypto/src/x509/store/X509CertStoreSelector.cs
index a153868d4..684edeb38 100644
--- a/crypto/src/x509/store/X509CertStoreSelector.cs
+++ b/crypto/src/x509/store/X509CertStoreSelector.cs
@@ -60,6 +60,9 @@ namespace Org.BouncyCastle.X509.Store
 return new X509CertStoreSelector(this);
 }
+ ///
+ /// A DER encoding of an ASN.1 AuthorityKeyIdentifier value.
+ ///
 public byte[] AuthorityKeyIdentifier
 {
 get { return Arrays.Clone(authorityKeyIdentifier); }
@@ -141,7 +144,10 @@ namespace Org.BouncyCastle.X509.Store
 set { subject = value; }
 }
- public byte[] SubjectKeyIdentifier
+ ///
+ /// A DER encoding of an ASN.1 SubjectKeyIdentifier (OCTET STRING) value.
+ ///
+ public byte[] SubjectKeyIdentifier
 {
 get { return Arrays.Clone(subjectKeyIdentifier); }
 set { subjectKeyIdentifier = Arrays.Clone(value); }
-- 
cgit 1.4.1
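Review bot: The doc comment added to `SubjectKeyIdentifier` in X509CertStoreSelector.cs (@@ -141) states the expected encoding, but the setter still clones whatever it is given, so a raw key identifier is accepted and, judging by the call-site fixes in this commit, simply never matches. A remarks line would make that failure mode explicit, for example `/// <remarks>Raw key identifier octets will not match; wrap them first, e.g. new DerOctetString(keyId).GetEncoded().</remarks>`. The same applies to `AuthorityKeyIdentifier` (@@ -60), whose setter is outside the hunk. The matching logic that consumes both fields is also outside these hunks, so the "never matches" behaviour should be confirmed against it before the wording is fixed.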