From ceebe8fb52daf0fbadecbfb0e0a86b48ce011b38 Mon Sep 17 00:00:00 2001
From: Peter Dettman <peter.dettman@bouncycastle.org>
Date: Wed, 14 Jun 2023 13:01:06 +0700
Subject: Add new variant of GetBasicAgreementWithKdf

---
 crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs |  2 +-
 crypto/src/cms/KeyAgreeRecipientInformation.cs   | 27 +++++++++---------------
 crypto/src/security/AgreementUtilities.cs        | 10 ++++++---
 3 files changed, 18 insertions(+), 21 deletions(-)

(limited to 'crypto/src')

diff --git a/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs b/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs
index 6bcba0d80..479aa50cb 100644
--- a/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs
+++ b/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs
@@ -123,7 +123,7 @@ namespace Org.BouncyCastle.Cms
 
 				// Use key agreement to choose a wrap key for this recipient
 				IBasicAgreement keyAgreement = AgreementUtilities.GetBasicAgreementWithKdf(
-					m_keyAgreementOid, m_keyEncryptionOid.Id);
+					m_keyAgreementOid, m_keyEncryptionOid);
 				keyAgreement.Init(new ParametersWithRandom(senderPrivateParams, random));
 				BigInteger agreedValue = keyAgreement.CalculateAgreement(recipientPublicParams);
 
diff --git a/crypto/src/cms/KeyAgreeRecipientInformation.cs b/crypto/src/cms/KeyAgreeRecipientInformation.cs
index 398082810..cc1823cc6 100644
--- a/crypto/src/cms/KeyAgreeRecipientInformation.cs
+++ b/crypto/src/cms/KeyAgreeRecipientInformation.cs
@@ -123,10 +123,8 @@ namespace Org.BouncyCastle.Cms
             throw new CmsException("No support for 'originator' as IssuerAndSerialNumber or SubjectKeyIdentifier");
         }
 
-        private KeyParameter CalculateAgreedWrapKey(
-            string					wrapAlg,
-            AsymmetricKeyParameter	senderPublicKey,
-            AsymmetricKeyParameter	receiverPrivateKey)
+        private KeyParameter CalculateAgreedWrapKey(DerObjectIdentifier wrapAlgOid,
+            AsymmetricKeyParameter senderPublicKey, AsymmetricKeyParameter receiverPrivateKey)
         {
             DerObjectIdentifier agreeAlgID = keyEncAlg.Algorithm;
 
@@ -150,23 +148,20 @@ namespace Org.BouncyCastle.Cms
                     (ECPrivateKeyParameters)receiverPrivateParams);
             }
 
-            IBasicAgreement agreement = AgreementUtilities.GetBasicAgreementWithKdf(
-                agreeAlgID, wrapAlg);
+            IBasicAgreement agreement = AgreementUtilities.GetBasicAgreementWithKdf(agreeAlgID, wrapAlgOid);
             agreement.Init(receiverPrivateParams);
             BigInteger agreedValue = agreement.CalculateAgreement(senderPublicParams);
 
-            int wrapKeySize = GeneratorUtilities.GetDefaultKeySize(wrapAlg) / 8;
+            int wrapKeySize = GeneratorUtilities.GetDefaultKeySize(wrapAlgOid) / 8;
             byte[] wrapKeyBytes = X9IntegerConverter.IntegerToBytes(agreedValue, wrapKeySize);
-            return ParameterUtilities.CreateKeyParameter(wrapAlg, wrapKeyBytes);
+            return ParameterUtilities.CreateKeyParameter(wrapAlgOid, wrapKeyBytes);
         }
 
-        private KeyParameter UnwrapSessionKey(
-            string			wrapAlg,
-            KeyParameter	agreedKey)
+        private KeyParameter UnwrapSessionKey(DerObjectIdentifier wrapAlgOid, KeyParameter agreedKey)
         {
             byte[] encKeyOctets = encryptedKey.GetOctets();
 
-            IWrapper keyCipher = WrapperUtilities.GetWrapper(wrapAlg);
+            IWrapper keyCipher = WrapperUtilities.GetWrapper(wrapAlgOid);
             keyCipher.Init(false, agreedKey);
             byte[] sKeyBytes = keyCipher.Unwrap(encKeyOctets, 0, encKeyOctets.Length);
             return ParameterUtilities.CreateKeyParameter(GetContentAlgorithmName(), sKeyBytes);
@@ -177,16 +172,14 @@ namespace Org.BouncyCastle.Cms
         {
             try
             {
-                string wrapAlg = DerObjectIdentifier.GetInstance(
-                    Asn1Sequence.GetInstance(keyEncAlg.Parameters)[0]).Id;
+                var wrapAlgOid = DerObjectIdentifier.GetInstance(Asn1Sequence.GetInstance(keyEncAlg.Parameters)[0]);
 
                 AsymmetricKeyParameter senderPublicKey = GetSenderPublicKey(
                     receiverPrivateKey, info.Originator);
 
-                KeyParameter agreedWrapKey = CalculateAgreedWrapKey(wrapAlg,
-                    senderPublicKey, receiverPrivateKey);
+                KeyParameter agreedWrapKey = CalculateAgreedWrapKey(wrapAlgOid, senderPublicKey, receiverPrivateKey);
 
-                return UnwrapSessionKey(wrapAlg, agreedWrapKey);
+                return UnwrapSessionKey(wrapAlgOid, agreedWrapKey);
             }
             catch (SecurityUtilityException e)
             {
diff --git a/crypto/src/security/AgreementUtilities.cs b/crypto/src/security/AgreementUtilities.cs
index 0b7fc2a2b..5fef5f877 100644
--- a/crypto/src/security/AgreementUtilities.cs
+++ b/crypto/src/security/AgreementUtilities.cs
@@ -56,9 +56,13 @@ namespace Org.BouncyCastle.Security
 			throw new SecurityUtilityException("Basic Agreement " + algorithm + " not recognised.");
 		}
 
-		public static IBasicAgreement GetBasicAgreementWithKdf(
-			DerObjectIdentifier oid,
-			string				wrapAlgorithm)
+        public static IBasicAgreement GetBasicAgreementWithKdf(DerObjectIdentifier agreeAlgOid,
+			DerObjectIdentifier wrapAlgOid)
+        {
+            return GetBasicAgreementWithKdf(agreeAlgOid.Id, wrapAlgOid.Id);
+        }
+
+        public static IBasicAgreement GetBasicAgreementWithKdf(DerObjectIdentifier oid, string wrapAlgorithm)
 		{
 			return GetBasicAgreementWithKdf(oid.Id, wrapAlgorithm);
 		}
-- 
cgit 1.4.1