summary refs log tree commit diff
path: root/crypto/src/asn1/pkcs
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/src/asn1/pkcs')
-rw-r--r--crypto/src/asn1/pkcs/CertificationRequest.cs3
-rw-r--r--crypto/src/asn1/pkcs/CertificationRequestInfo.cs43
-rw-r--r--crypto/src/asn1/pkcs/PKCSObjectIdentifiers.cs52
3 files changed, 66 insertions, 32 deletions
diff --git a/crypto/src/asn1/pkcs/CertificationRequest.cs b/crypto/src/asn1/pkcs/CertificationRequest.cs

index 35bdd56eb..98caa2268 100644
--- a/crypto/src/asn1/pkcs/CertificationRequest.cs
+++ b/crypto/src/asn1/pkcs/CertificationRequest.cs
@@ -47,7 +47,8 @@ namespace Org.BouncyCastle.Asn1.Pkcs
             this.sigBits = signature;
         }
 
-		public CertificationRequest(
+        [Obsolete("Use 'GetInstance' instead")]
+        public CertificationRequest(
             Asn1Sequence seq)
         {
 			if (seq.Count != 3)
diff --git a/crypto/src/asn1/pkcs/CertificationRequestInfo.cs b/crypto/src/asn1/pkcs/CertificationRequestInfo.cs

index d57753235..6d980131e 100644
--- a/crypto/src/asn1/pkcs/CertificationRequestInfo.cs
+++ b/crypto/src/asn1/pkcs/CertificationRequestInfo.cs
@@ -1,7 +1,6 @@
 using System;
 
 using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Asn1.Pkcs
 {
@@ -31,20 +30,13 @@ namespace Org.BouncyCastle.Asn1.Pkcs
         internal SubjectPublicKeyInfo	subjectPKInfo;
         internal Asn1Set				attributes;
 
-		public static CertificationRequestInfo GetInstance(
-            object  obj)
+		public static CertificationRequestInfo GetInstance(object obj)
         {
             if (obj is CertificationRequestInfo)
-            {
-                return (CertificationRequestInfo) obj;
-            }
-
-			if (obj is Asn1Sequence)
-            {
-                return new CertificationRequestInfo((Asn1Sequence) obj);
-            }
-
-			throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+                return (CertificationRequestInfo)obj;
+            if (obj != null)
+                return new CertificationRequestInfo(Asn1Sequence.GetInstance(obj));
+            return null;
 		}
 
 		public CertificationRequestInfo(
@@ -56,7 +48,9 @@ namespace Org.BouncyCastle.Asn1.Pkcs
             this.subjectPKInfo = pkInfo;
             this.attributes = attributes;
 
-			if (subject == null || version == null || subjectPKInfo == null)
+            ValidateAttributes(attributes);
+
+            if (subject == null || version == null || subjectPKInfo == null)
             {
                 throw new ArgumentException(
 					"Not all mandatory fields set in CertificationRequestInfo generator.");
@@ -81,7 +75,9 @@ namespace Org.BouncyCastle.Asn1.Pkcs
                 attributes = Asn1Set.GetInstance(tagobj, false);
             }
 
-			if (subject == null || version == null || subjectPKInfo == null)
+            ValidateAttributes(attributes);
+
+            if (subject == null || version == null || subjectPKInfo == null)
             {
                 throw new ArgumentException(
 					"Not all mandatory fields set in CertificationRequestInfo generator.");
@@ -120,5 +116,22 @@ namespace Org.BouncyCastle.Asn1.Pkcs
 
 			return new DerSequence(v);
         }
+
+        private static void ValidateAttributes(Asn1Set attributes)
+        {
+            if (attributes == null)
+                return;
+
+            foreach (Asn1Encodable ae in attributes)
+            {
+                Asn1Object obj = ae.ToAsn1Object();
+                AttributePkcs attr = AttributePkcs.GetInstance(obj);
+                if (attr.AttrType.Equals(PkcsObjectIdentifiers.Pkcs9AtChallengePassword))
+                {
+                    if (attr.AttrValues.Count != 1)
+                        throw new ArgumentException("challengePassword attribute must have one value");
+                }
+            }
+        }
     }
 }
diff --git a/crypto/src/asn1/pkcs/PKCSObjectIdentifiers.cs b/crypto/src/asn1/pkcs/PKCSObjectIdentifiers.cs

index 042911a06..1a9a03e9f 100644
--- a/crypto/src/asn1/pkcs/PKCSObjectIdentifiers.cs
+++ b/crypto/src/asn1/pkcs/PKCSObjectIdentifiers.cs
@@ -9,23 +9,28 @@ namespace Org.BouncyCastle.Asn1.Pkcs
         //       iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 }
         //
         public const string Pkcs1 = "1.2.840.113549.1.1";
+        internal static readonly DerObjectIdentifier Pkcs1Oid                 = new DerObjectIdentifier(Pkcs1);
+
+        public static readonly DerObjectIdentifier RsaEncryption            = Pkcs1Oid.Branch("1");
+        public static readonly DerObjectIdentifier MD2WithRsaEncryption		= Pkcs1Oid.Branch("2");
+        public static readonly DerObjectIdentifier MD4WithRsaEncryption		= Pkcs1Oid.Branch("3");
+        public static readonly DerObjectIdentifier MD5WithRsaEncryption		= Pkcs1Oid.Branch("4");
+        public static readonly DerObjectIdentifier Sha1WithRsaEncryption	= Pkcs1Oid.Branch("5");
+        public static readonly DerObjectIdentifier SrsaOaepEncryptionSet	= Pkcs1Oid.Branch("6");
+        public static readonly DerObjectIdentifier IdRsaesOaep				= Pkcs1Oid.Branch("7");
+        public static readonly DerObjectIdentifier IdMgf1					= Pkcs1Oid.Branch("8");
+        public static readonly DerObjectIdentifier IdPSpecified				= Pkcs1Oid.Branch("9");
+        public static readonly DerObjectIdentifier IdRsassaPss				= Pkcs1Oid.Branch("10");
+        public static readonly DerObjectIdentifier Sha256WithRsaEncryption	= Pkcs1Oid.Branch("11");
+        public static readonly DerObjectIdentifier Sha384WithRsaEncryption	= Pkcs1Oid.Branch("12");
+        public static readonly DerObjectIdentifier Sha512WithRsaEncryption	= Pkcs1Oid.Branch("13");
+        public static readonly DerObjectIdentifier Sha224WithRsaEncryption	= Pkcs1Oid.Branch("14");
+        /** PKCS#1: 1.2.840.113549.1.1.15 */
+        public static readonly DerObjectIdentifier Sha512_224WithRSAEncryption = Pkcs1Oid.Branch("15");
+        /** PKCS#1: 1.2.840.113549.1.1.16 */
+        public static readonly DerObjectIdentifier Sha512_256WithRSAEncryption = Pkcs1Oid.Branch("16");
 
-		public static readonly DerObjectIdentifier RsaEncryption			= new DerObjectIdentifier(Pkcs1 + ".1");
-        public static readonly DerObjectIdentifier MD2WithRsaEncryption		= new DerObjectIdentifier(Pkcs1 + ".2");
-        public static readonly DerObjectIdentifier MD4WithRsaEncryption		= new DerObjectIdentifier(Pkcs1 + ".3");
-        public static readonly DerObjectIdentifier MD5WithRsaEncryption		= new DerObjectIdentifier(Pkcs1 + ".4");
-        public static readonly DerObjectIdentifier Sha1WithRsaEncryption	= new DerObjectIdentifier(Pkcs1 + ".5");
-        public static readonly DerObjectIdentifier SrsaOaepEncryptionSet	= new DerObjectIdentifier(Pkcs1 + ".6");
-        public static readonly DerObjectIdentifier IdRsaesOaep				= new DerObjectIdentifier(Pkcs1 + ".7");
-        public static readonly DerObjectIdentifier IdMgf1					= new DerObjectIdentifier(Pkcs1 + ".8");
-        public static readonly DerObjectIdentifier IdPSpecified				= new DerObjectIdentifier(Pkcs1 + ".9");
-        public static readonly DerObjectIdentifier IdRsassaPss				= new DerObjectIdentifier(Pkcs1 + ".10");
-        public static readonly DerObjectIdentifier Sha256WithRsaEncryption	= new DerObjectIdentifier(Pkcs1 + ".11");
-        public static readonly DerObjectIdentifier Sha384WithRsaEncryption	= new DerObjectIdentifier(Pkcs1 + ".12");
-        public static readonly DerObjectIdentifier Sha512WithRsaEncryption	= new DerObjectIdentifier(Pkcs1 + ".13");
-        public static readonly DerObjectIdentifier Sha224WithRsaEncryption	= new DerObjectIdentifier(Pkcs1 + ".14");
-
-		//
+        //
         // pkcs-3 OBJECT IDENTIFIER ::= {
         //       iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 3 }
         //
@@ -195,6 +200,7 @@ namespace Org.BouncyCastle.Asn1.Pkcs
         // rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) attributes(2)}
         //
         public const string IdAA = "1.2.840.113549.1.9.16.2";
+        public static readonly DerObjectIdentifier IdAAOid = new DerObjectIdentifier(IdAA);
 
 		public static readonly DerObjectIdentifier IdAAContentHint = new DerObjectIdentifier(IdAA + ".4"); // See RFC 2634
     	public static readonly DerObjectIdentifier IdAAMsgSigDigest = new DerObjectIdentifier(IdAA + ".5");
@@ -229,6 +235,20 @@ namespace Org.BouncyCastle.Asn1.Pkcs
 		public static readonly DerObjectIdentifier IdAAEtsCertCrlTimestamp = new DerObjectIdentifier(IdAA + ".26");
 		public static readonly DerObjectIdentifier IdAAEtsArchiveTimestamp = new DerObjectIdentifier(IdAA + ".27");
 
+        /** PKCS#9: 1.2.840.113549.1.9.16.6.2.37 - <a href="https://tools.ietf.org/html/rfc4108#section-2.2.5">RFC 4108</a> */
+        public static readonly DerObjectIdentifier IdAADecryptKeyID = IdAAOid.Branch("37");
+
+        /** PKCS#9: 1.2.840.113549.1.9.16.6.2.38 - <a href="https://tools.ietf.org/html/rfc4108#section-2.2.6">RFC 4108</a> */
+        public static readonly DerObjectIdentifier IdAAImplCryptoAlgs = IdAAOid.Branch("38");
+
+        /** PKCS#9: 1.2.840.113549.1.9.16.2.54 <a href="https://tools.ietf.org/html/rfc7030">RFC7030</a>*/
+        public static readonly DerObjectIdentifier IdAAAsymmDecryptKeyID = IdAAOid.Branch("54");
+
+        /** PKCS#9: 1.2.840.113549.1.9.16.2.43   <a href="https://tools.ietf.org/html/rfc7030">RFC7030</a>*/
+        public static readonly DerObjectIdentifier IdAAImplCompressAlgs = IdAAOid.Branch("43");
+        /** PKCS#9: 1.2.840.113549.1.9.16.2.40   <a href="https://tools.ietf.org/html/rfc7030">RFC7030</a>*/
+        public static readonly DerObjectIdentifier IdAACommunityIdentifiers = IdAAOid.Branch("40");
+
 		[Obsolete("Use 'IdAAEtsSigPolicyID' instead")]
 		public static readonly DerObjectIdentifier IdAASigPolicyID = IdAAEtsSigPolicyID;
 		[Obsolete("Use 'IdAAEtsCommitmentType' instead")]
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-08-09 18:18:51 +0000