From 2af5fb18597085a765f59e6a808bf79155560359 Mon Sep 17 00:00:00 2001
From: Peter Dettman
Date: Thu, 20 Jul 2023 13:01:32 +0700
Subject: Refactoring in Asn1.Crmf
---
crypto/src/asn1/crmf/CertId.cs | 48 +++++---------
crypto/src/asn1/crmf/CertReqMsg.cs | 82 ++++++++++-------------
crypto/src/asn1/crmf/PKMacValue.cs | 62 +++++++----------
crypto/src/asn1/crmf/PopoSigningKey.cs | 77 +++++++++-------------
crypto/src/asn1/crmf/PopoSigningKeyInput.cs | 84 ++++++++++--------------
crypto/src/crmf/CertificateRequestMessage.cs | 8 +--
crypto/test/src/cmp/test/ProtectedMessageTest.cs | 2 +-
7 files changed, 143 insertions(+), 220 deletions(-)
(limited to 'crypto')
diff --git a/crypto/src/asn1/crmf/CertId.cs b/crypto/src/asn1/crmf/CertId.cs
index f0cc94691..c63c21ca8 100644
--- a/crypto/src/asn1/crmf/CertId.cs
+++ b/crypto/src/asn1/crmf/CertId.cs
@@ -1,48 +1,37 @@ -using System; - -using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Asn1.X509; namespace Org.BouncyCastle.Asn1.Crmf { public class CertId : Asn1Encodable { - private readonly GeneralName issuer; - private readonly DerInteger serialNumber; - - private CertId(Asn1Sequence seq) - { - issuer = GeneralName.GetInstance(seq[0]); - serialNumber = DerInteger.GetInstance(seq[1]); - } - public static CertId GetInstance(object obj) { - if (obj is CertId) - return (CertId)obj; - - if (obj is Asn1Sequence) - return new CertId((Asn1Sequence)obj); - - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + if (obj == null) + return null; + if (obj is CertId certID) + return certID; + return new CertId(Asn1Sequence.GetInstance(obj)); } public static CertId GetInstance(Asn1TaggedObject obj, bool isExplicit) { - return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + return new CertId(Asn1Sequence.GetInstance(obj, isExplicit)); } - public virtual GeneralName Issuer - { - get { return issuer; } - } + private readonly GeneralName m_issuer; + private readonly DerInteger m_serialNumber; - public virtual DerInteger SerialNumber + private CertId(Asn1Sequence seq) { - get { return serialNumber; } + m_issuer = GeneralName.GetInstance(seq[0]); + m_serialNumber = DerInteger.GetInstance(seq[1]); } + public virtual GeneralName Issuer => m_issuer; + + public virtual DerInteger SerialNumber => m_serialNumber; + /** *
          * CertId ::= SEQUENCE {
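Review bot: The private `CertId(Asn1Sequence seq)` constructor reads `seq[0]` and `seq[1]` without checking `seq.Count`, and with this change `GetInstance(object)` forwards whatever `Asn1Sequence.GetInstance(obj)` accepts straight into it. A CertId received from a peer with fewer than two elements will presumably fail inside the indexer with a range error instead of a clear `ArgumentException`, and one with extra elements is accepted with the surplus ignored. A guard as the first statement, `if (seq.Count != 2) throw new ArgumentException("Bad sequence size: " + seq.Count, nameof(seq));`, would make the rejection explicit; it needs the `using System;` that this hunk removes. The sequence constructors of PKMacValue, PopoSigningKey and PopoSigningKeyInput in the later hunks index their input the same way.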
@@ -51,9 +40,6 @@ namespace Org.BouncyCastle.Asn1.Crmf
          * 
* @return a basic ASN.1 object representation. */ - public override Asn1Object ToAsn1Object() - { - return new DerSequence(issuer, serialNumber); - } + public override Asn1Object ToAsn1Object() => new DerSequence(m_issuer, m_serialNumber); } } diff --git a/crypto/src/asn1/crmf/CertReqMsg.cs b/crypto/src/asn1/crmf/CertReqMsg.cs index ba9cfd389..1832a34cc 100644 --- a/crypto/src/asn1/crmf/CertReqMsg.cs +++ b/crypto/src/asn1/crmf/CertReqMsg.cs @@ -5,13 +5,27 @@ namespace Org.BouncyCastle.Asn1.Crmf public class CertReqMsg : Asn1Encodable { - private readonly CertRequest certReq; - private readonly ProofOfPossession popo; - private readonly Asn1Sequence regInfo; + public static CertReqMsg GetInstance(object obj) + { + if (obj == null) + return null; + if (obj is CertReqMsg certReqMsg) + return certReqMsg; + return new CertReqMsg(Asn1Sequence.GetInstance(obj)); + } + + public static CertReqMsg GetInstance(Asn1TaggedObject obj, bool isExplicit) + { + return new CertReqMsg(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + private readonly CertRequest m_certReq; + private readonly ProofOfPossession m_pop; + private readonly Asn1Sequence m_regInfo; private CertReqMsg(Asn1Sequence seq) { - certReq = CertRequest.GetInstance(seq[0]); + m_certReq = CertRequest.GetInstance(seq[0]); for (int pos = 1; pos < seq.Count; ++pos) { 
@@ -19,70 +33,41 @@ namespace Org.BouncyCastle.Asn1.Crmf if (o is Asn1TaggedObject || o is ProofOfPossession) { - popo = ProofOfPossession.GetInstance(o); + m_pop = ProofOfPossession.GetInstance(o); } else { - regInfo = Asn1Sequence.GetInstance(o); + m_regInfo = Asn1Sequence.GetInstance(o); } } } - public static CertReqMsg GetInstance(object obj) - { - if (obj is CertReqMsg) - return (CertReqMsg)obj; - - if (obj != null) - return new CertReqMsg(Asn1Sequence.GetInstance(obj)); - - return null; - } - - public static CertReqMsg GetInstance( - Asn1TaggedObject obj, - bool isExplicit) - { - return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); - } - /** * Creates a new CertReqMsg. * @param certReq CertRequest * @param popo may be null * @param regInfo may be null */ - public CertReqMsg( - CertRequest certReq, - ProofOfPossession popo, - AttributeTypeAndValue[] regInfo) + public CertReqMsg(CertRequest certReq, ProofOfPossession popo, AttributeTypeAndValue[] regInfo) { - if (certReq == null) - throw new ArgumentNullException("certReq"); - - this.certReq = certReq; - this.popo = popo; + this.m_certReq = certReq ?? throw new ArgumentNullException(nameof(certReq)); + this.m_pop = popo; if (regInfo != null) { - this.regInfo = new DerSequence(regInfo); + this.m_regInfo = new DerSequence(regInfo); } } - public virtual CertRequest CertReq - { - get { return certReq; } - } + public virtual CertRequest CertReq => m_certReq; - public virtual ProofOfPossession Popo - { - get { return popo; } - } + public virtual ProofOfPossession Pop => m_pop; - public virtual AttributeTypeAndValue[] GetRegInfo() - { - return regInfo?.MapElements(AttributeTypeAndValue.GetInstance); - } + [Obsolete("Use 'Pop' instead")] + public virtual ProofOfPossession Popo => m_pop; + + public virtual AttributeTypeAndValue[] GetRegInfo() => + m_regInfo?.MapElements(AttributeTypeAndValue.GetInstance); /** *
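Review bot: The parsing loop whose body is renamed here assigns `m_pop` or `m_regInfo` for every element after the first, so a CertReqMsg carrying two proof-of-possession elements, two regInfo sequences, or more than three elements in total is accepted and the last value silently wins. Since `ToAsn1Object()` re-encodes from the fields, such an object would no longer round-trip to the bytes that were received. Rejecting the input up front in the constructor, e.g. `if (seq.Count < 1 || seq.Count > 3) throw new ArgumentException("Bad sequence size: " + seq.Count, nameof(seq));`, and refusing a second assignment to either field would close this. The constructor and the `for` header start in the previous hunk.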
@@ -96,8 +81,9 @@ namespace Org.BouncyCastle.Asn1.Crmf
          */
         public override Asn1Object ToAsn1Object()
         {
-            Asn1EncodableVector v = new Asn1EncodableVector(certReq);
-            v.AddOptional(popo, regInfo);
+            Asn1EncodableVector v = new Asn1EncodableVector(2);
+            v.Add(m_certReq);
+            v.AddOptional(m_pop, m_regInfo);
             return new DerSequence(v);
         }
     }
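Review bot: `new Asn1EncodableVector(2)` is created with a capacity of two, but `Add(m_certReq)` followed by `AddOptional(m_pop, m_regInfo)` can put three elements into it. PopoSigningKey.ToAsn1Object in this same commit sizes its vector for the maximum; using `new Asn1EncodableVector(3)` here keeps the two consistent and presumably avoids a regrow when both optional fields are set.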
diff --git a/crypto/src/asn1/crmf/PKMacValue.cs b/crypto/src/asn1/crmf/PKMacValue.cs
index e104c08dd..67e5ce6cc 100644
--- a/crypto/src/asn1/crmf/PKMacValue.cs
+++ b/crypto/src/asn1/crmf/PKMacValue.cs
@@ -1,8 +1,5 @@
-using System;
-
-using Org.BouncyCastle.Asn1.Cmp;
+using Org.BouncyCastle.Asn1.Cmp;
 using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Asn1.Crmf
 {
@@ -12,29 +9,27 @@ namespace Org.BouncyCastle.Asn1.Crmf
     public class PKMacValue
         : Asn1Encodable
     {
-        private readonly AlgorithmIdentifier  algID;
-        private readonly DerBitString         macValue;
-
-        private PKMacValue(Asn1Sequence seq)
+        public static PKMacValue GetInstance(object obj)
         {
-            this.algID = AlgorithmIdentifier.GetInstance(seq[0]);
-            this.macValue = DerBitString.GetInstance(seq[1]);
+            if (obj == null)
+                return null;
+            if (obj is PKMacValue pkMacValue)
+                return pkMacValue;
+            return new PKMacValue(Asn1Sequence.GetInstance(obj));
         }
 
-        public static PKMacValue GetInstance(object obj)
+        public static PKMacValue GetInstance(Asn1TaggedObject obj, bool isExplicit)
         {
-            if (obj is PKMacValue)
-                return (PKMacValue)obj;
-
-            if (obj is Asn1Sequence)
-                return new PKMacValue((Asn1Sequence)obj);
-
-            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+            return new PKMacValue(Asn1Sequence.GetInstance(obj, isExplicit));
         }
 
-        public static PKMacValue GetInstance(Asn1TaggedObject obj, bool isExplicit)
+        private readonly AlgorithmIdentifier m_algID;
+        private readonly DerBitString m_macValue;
+
+        private PKMacValue(Asn1Sequence seq)
         {
-            return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+            m_algID = AlgorithmIdentifier.GetInstance(seq[0]);
+            m_macValue = DerBitString.GetInstance(seq[1]);
         }
 
         /**
@@ -42,9 +37,7 @@ namespace Org.BouncyCastle.Asn1.Crmf
          * @param params parameters for password-based MAC
          * @param value MAC of the DER-encoded SubjectPublicKeyInfo
          */
-        public PKMacValue(
-            PbmParameter pbmParams,
-            DerBitString macValue)
+        public PKMacValue(PbmParameter pbmParams, DerBitString macValue)
             : this(new AlgorithmIdentifier(CmpObjectIdentifiers.passwordBasedMac, pbmParams), macValue)
         {
         }
@@ -54,23 +47,15 @@ namespace Org.BouncyCastle.Asn1.Crmf
          * @param aid CMPObjectIdentifiers.passwordBasedMAC, with PBMParameter
          * @param value MAC of the DER-encoded SubjectPublicKeyInfo
          */
-        public PKMacValue(
-            AlgorithmIdentifier algID,
-            DerBitString        macValue)
+        public PKMacValue(AlgorithmIdentifier algID, DerBitString macValue)
         {
-            this.algID = algID;
-            this.macValue = macValue;
+            m_algID = algID;
+            m_macValue = macValue;
         }
 
-        public virtual AlgorithmIdentifier AlgID
-        {
-            get { return algID; }
-        }
+        public virtual AlgorithmIdentifier AlgID => m_algID;
 
-        public virtual DerBitString MacValue
-        {
-            get { return macValue; }
-        }
+        public virtual DerBitString MacValue => m_macValue;
 
         /**
          * 
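Review bot: The doc comments above both public constructors name parameters that do not exist: `@param params` / `@param value` on the `PbmParameter` overload in the previous hunk and `@param aid` / `@param value` here, while the signatures use `pbmParams`, `algID` and `macValue`. Since the signatures are being touched anyway, the tags could be renamed to match, for example `@param algID CMPObjectIdentifiers.passwordBasedMAC, with PBMParameter` and `@param macValue MAC of the DER-encoded SubjectPublicKeyInfo`. It would also help to state whether null is accepted, because neither constructor checks its arguments and `ToAsn1Object()` passes both fields to `new DerSequence(...)`.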
@@ -82,9 +67,6 @@ namespace Org.BouncyCastle.Asn1.Crmf
          * 
* @return a basic ASN.1 object representation. */ - public override Asn1Object ToAsn1Object() - { - return new DerSequence(algID, macValue); - } + public override Asn1Object ToAsn1Object() => new DerSequence(m_algID, m_macValue); } } diff --git a/crypto/src/asn1/crmf/PopoSigningKey.cs b/crypto/src/asn1/crmf/PopoSigningKey.cs index c4b0594f7..2d30e1a67 100644 --- a/crypto/src/asn1/crmf/PopoSigningKey.cs +++ b/crypto/src/asn1/crmf/PopoSigningKey.cs @@ -1,32 +1,10 @@ -using System; - -using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Asn1.X509; namespace Org.BouncyCastle.Asn1.Crmf { public class PopoSigningKey : Asn1Encodable { - private readonly PopoSigningKeyInput poposkInput; - private readonly AlgorithmIdentifier algorithmIdentifier; - private readonly DerBitString signature; - - private PopoSigningKey(Asn1Sequence seq) - { - int index = 0; - - if (seq[index] is Asn1TaggedObject tagObj) - { - index++; - - poposkInput = PopoSigningKeyInput.GetInstance( - Asn1Utilities.GetContextBaseUniversal(tagObj, 0, false, Asn1Tags.Sequence)); - } - algorithmIdentifier = AlgorithmIdentifier.GetInstance(seq[index++]); - signature = DerBitString.GetInstance(seq[index]); - } - public static PopoSigningKey GetInstance(object obj) { if (obj == null) 
@@ -38,7 +16,26 @@ namespace Org.BouncyCastle.Asn1.Crmf public static PopoSigningKey GetInstance(Asn1TaggedObject obj, bool isExplicit) { - return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + return new PopoSigningKey(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + private readonly PopoSigningKeyInput m_poposkInput; + private readonly AlgorithmIdentifier m_algorithmIdentifier; + private readonly DerBitString m_signature; + + private PopoSigningKey(Asn1Sequence seq) + { + int index = 0; + + if (seq[index] is Asn1TaggedObject tagObj) + { + index++; + + m_poposkInput = PopoSigningKeyInput.GetInstance( + Asn1Utilities.GetContextBaseUniversal(tagObj, 0, false, Asn1Tags.Sequence)); + } + m_algorithmIdentifier = AlgorithmIdentifier.GetInstance(seq[index++]); + m_signature = DerBitString.GetInstance(seq[index]); } /** @@ -49,30 +46,18 @@ namespace Org.BouncyCastle.Asn1.Crmf * @param signature a signature over the DER-encoded value of poposkIn, * or the DER-encoded value of certReq if poposkIn is null. */ - public PopoSigningKey( - PopoSigningKeyInput poposkIn, - AlgorithmIdentifier aid, - DerBitString signature) + public PopoSigningKey(PopoSigningKeyInput poposkIn, AlgorithmIdentifier aid, DerBitString signature) { - this.poposkInput = poposkIn; - this.algorithmIdentifier = aid; - this.signature = signature; + m_poposkInput = poposkIn; + m_algorithmIdentifier = aid; + m_signature = signature; } - public virtual PopoSigningKeyInput PoposkInput - { - get { return poposkInput; } - } + public virtual PopoSigningKeyInput PoposkInput => m_poposkInput; - public virtual AlgorithmIdentifier AlgorithmIdentifier - { - get { return algorithmIdentifier; } - } + public virtual AlgorithmIdentifier AlgorithmIdentifier => m_algorithmIdentifier; - public virtual DerBitString Signature - { - get { return signature; } - } + public virtual DerBitString Signature => m_signature; /** *
@@ -96,9 +81,9 @@ namespace Org.BouncyCastle.Asn1.Crmf
         public override Asn1Object ToAsn1Object()
         {
             Asn1EncodableVector v = new Asn1EncodableVector(3);
-            v.AddOptionalTagged(false, 0, poposkInput);
-            v.Add(algorithmIdentifier);
-            v.Add(signature);
+            v.AddOptionalTagged(false, 0, m_poposkInput);
+            v.Add(m_algorithmIdentifier);
+            v.Add(m_signature);
             return new DerSequence(v);
         }
     }
diff --git a/crypto/src/asn1/crmf/PopoSigningKeyInput.cs b/crypto/src/asn1/crmf/PopoSigningKeyInput.cs
index 2853e9486..865ed669d 100644
--- a/crypto/src/asn1/crmf/PopoSigningKeyInput.cs
+++ b/crypto/src/asn1/crmf/PopoSigningKeyInput.cs
@@ -1,16 +1,27 @@
-using System;
-
-using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Asn1.X509;
 
 namespace Org.BouncyCastle.Asn1.Crmf
 {
     public class PopoSigningKeyInput
         : Asn1Encodable
     {
-        private readonly GeneralName            sender;
-        private readonly PKMacValue             publicKeyMac;
-        private readonly SubjectPublicKeyInfo   publicKey;
+        public static PopoSigningKeyInput GetInstance(object obj)
+        {
+            if (obj == null)
+                return null;
+            if (obj is PopoSigningKeyInput popoSigningKeyInput)
+                return popoSigningKeyInput;
+            return new PopoSigningKeyInput(Asn1Sequence.GetInstance(obj));
+        }
+
+        public static PopoSigningKeyInput GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit)
+        {
+            return new PopoSigningKeyInput(Asn1Sequence.GetInstance(taggedObject, declaredExplicit));
+        }
+
+        private readonly GeneralName m_sender;
+        private readonly PKMacValue m_publicKeyMac;
+        private readonly SubjectPublicKeyInfo m_publicKey;
 
         private PopoSigningKeyInput(Asn1Sequence seq)
         {
@@ -18,64 +29,37 @@ namespace Org.BouncyCastle.Asn1.Crmf
 
             if (authInfo is Asn1TaggedObject tagObj)
             {
-                sender = GeneralName.GetInstance(Asn1Utilities.GetExplicitContextBaseObject(tagObj, 0));
+                m_sender = GeneralName.GetInstance(Asn1Utilities.GetExplicitContextBaseObject(tagObj, 0));
             }
             else
             {
-                publicKeyMac = PKMacValue.GetInstance(authInfo);
+                m_publicKeyMac = PKMacValue.GetInstance(authInfo);
             }
 
-            publicKey = SubjectPublicKeyInfo.GetInstance(seq[1]);
-        }
-
-        public static PopoSigningKeyInput GetInstance(object obj)
-        {
-            if (obj == null)
-                return null;
-            if (obj is PopoSigningKeyInput popoSigningKeyInput)
-                return popoSigningKeyInput;
-            return new PopoSigningKeyInput(Asn1Sequence.GetInstance(obj));
-        }
-
-        public static PopoSigningKeyInput GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit)
-        {
-            return GetInstance(Asn1Sequence.GetInstance(taggedObject, declaredExplicit));
+            m_publicKey = SubjectPublicKeyInfo.GetInstance(seq[1]);
         }
 
         /** Creates a new PopoSigningKeyInput with sender name as authInfo. */
-        public PopoSigningKeyInput(
-            GeneralName sender,
-            SubjectPublicKeyInfo spki)
+        public PopoSigningKeyInput(GeneralName sender, SubjectPublicKeyInfo spki)
         {
-            this.sender = sender;
-            this.publicKey = spki;
+            m_sender = sender;
+            m_publicKey = spki;
         }
 
         /** Creates a new PopoSigningKeyInput using password-based MAC. */
-        public PopoSigningKeyInput(
-            PKMacValue pkmac,
-            SubjectPublicKeyInfo spki)
+        public PopoSigningKeyInput(PKMacValue pkmac, SubjectPublicKeyInfo spki)
         {
-            this.publicKeyMac = pkmac;
-            this.publicKey = spki;
+            m_publicKeyMac = pkmac;
+            m_publicKey = spki;
         }
 
         /** Returns the sender field, or null if authInfo is publicKeyMac */
-        public virtual GeneralName Sender
-        {
-            get { return sender; }
-        }
+        public virtual GeneralName Sender => m_sender;
 
         /** Returns the publicKeyMac field, or null if authInfo is sender */
-        public virtual PKMacValue PublicKeyMac
-        {
-            get { return publicKeyMac; }
-        }
+        public virtual PKMacValue PublicKeyMac => m_publicKeyMac;
 
-        public virtual SubjectPublicKeyInfo PublicKey
-        {
-            get { return publicKey; }
-        }
+        public virtual SubjectPublicKeyInfo PublicKey => m_publicKey;
 
         /**
          * 
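Review bot: Neither public constructor checks its first argument, so `new PopoSigningKeyInput((GeneralName)null, spki)` leaves both `m_sender` and `m_publicKeyMac` null. `ToAsn1Object()` in the next hunk then takes the `else` branch and calls `v.Add(m_publicKeyMac)` with a null element, so the mistake surfaces only at encoding time, if at all. Rejecting null at construction, `m_sender = sender ?? throw new ArgumentNullException(nameof(sender));` and likewise for `pkmac` and `spki`, would keep the authInfo CHOICE well-formed; this needs the `using System;` that the first hunk of this file removes.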
@@ -97,16 +81,16 @@ namespace Org.BouncyCastle.Asn1.Crmf
         {
             Asn1EncodableVector v = new Asn1EncodableVector(2);
 
-            if (sender != null)
+            if (m_sender != null)
             {
-                v.Add(new DerTaggedObject(false, 0, sender));
+                v.Add(new DerTaggedObject(false, 0, m_sender));
             }
             else
             {
-                v.Add(publicKeyMac);
+                v.Add(m_publicKeyMac);
             }
 
-            v.Add(publicKey);
+            v.Add(m_publicKey);
 
             return new DerSequence(v);
         }
diff --git a/crypto/src/crmf/CertificateRequestMessage.cs b/crypto/src/crmf/CertificateRequestMessage.cs
index 36149c791..d71e85e1f 100644
--- a/crypto/src/crmf/CertificateRequestMessage.cs
+++ b/crypto/src/crmf/CertificateRequestMessage.cs
@@ -130,7 +130,7 @@ namespace Org.BouncyCastle.Crmf
         /// true if proof-of-possession is present, false otherwise.
         public bool HasProofOfPossession
         {
-            get { return certReqMsg.Popo != null; }
+            get { return certReqMsg.Pop != null; }
         }
 
         /// 
@@ -139,7 +139,7 @@ namespace Org.BouncyCastle.Crmf
         /// one of: popRaVerified, popSigningKey, popKeyEncipherment, popKeyAgreement
         public int ProofOfPossession
         {
-            get { return certReqMsg.Popo.Type; }
+            get { return certReqMsg.Pop.Type; }
         }
 
         /// 
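Review bot: `certReqMsg.Pop.Type` dereferences the proof-of-possession without a null check, although `HasProofOfPossession` just above shows that `Pop` can be null (the field is optional in CertReqMsg). A request that omits POP therefore ends in a NullReferenceException here, and the same unguarded `pop.Type` read appears in the hunks at -151 and -173 (`IsValidSigningKeyPop`). For code that validates requests from untrusted senders a deliberate failure is easier to handle: check `HasProofOfPossession` first and throw the exception these members already use for an inappropriate POP, for example `if (pop == null) throw new InvalidOperationException("no proof-of-possession present");` if that is the documented type. The bodies of these members continue outside the hunks.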
@@ -151,7 +151,7 @@ namespace Org.BouncyCastle.Crmf
         {
             get
             {
-                ProofOfPossession pop = certReqMsg.Popo;
+                ProofOfPossession pop = certReqMsg.Pop;
 
                 if (pop.Type == popSigningKey)
                 {
@@ -173,7 +173,7 @@ namespace Org.BouncyCastle.Crmf
         /// if POP not appropriate.
         public bool IsValidSigningKeyPop(IVerifierFactoryProvider verifierProvider)
         {
-            ProofOfPossession pop = certReqMsg.Popo;
+            ProofOfPossession pop = certReqMsg.Pop;
             if (pop.Type == popSigningKey)
             {
                 PopoSigningKey popoSign = PopoSigningKey.GetInstance(pop.Object);
diff --git a/crypto/test/src/cmp/test/ProtectedMessageTest.cs b/crypto/test/src/cmp/test/ProtectedMessageTest.cs
index 7f6001d81..e2df4eb40 100644
--- a/crypto/test/src/cmp/test/ProtectedMessageTest.cs
+++ b/crypto/test/src/cmp/test/ProtectedMessageTest.cs
@@ -108,7 +108,7 @@ namespace Org.BouncyCastle.Cmp.Tests
             ProtectedPkiMessage msg = new ProtectedPkiMessage(new GeneralPkiMessage(certRequestMsg.ToAsn1Message().GetDerEncoded()));
             CertReqMessages reqMsgs = CertReqMessages.GetInstance(msg.Body.Content);
             CertReqMsg reqMsg = reqMsgs.ToCertReqMsgArray()[0];
-            IsEquals(ProofOfPossession.TYPE_KEY_ENCIPHERMENT, reqMsg.Popo.Type);
+            IsEquals(ProofOfPossession.TYPE_KEY_ENCIPHERMENT, reqMsg.Pop.Type);
         }
 
         [Test]
-- 
cgit 1.4.1