BouncyCastle update.
git-svn-id: svn://svn.code.sf.net/p/itextsharp/code/trunk@49 820d3149-562b-4f88-9aa4-a8e61a3485cfmaster
parent
a7df15bacd
commit
8438ab26f5
|
@ -1,7 +1,7 @@
|
|||
<VisualStudioProject>
|
||||
<CSHARP
|
||||
ProjectType = "Local"
|
||||
ProductVersion = "7.10.6030"
|
||||
ProductVersion = "7.10.3077"
|
||||
SchemaVersion = "2.0"
|
||||
ProjectGuid = "{84C4FDD9-3ED7-453B-B9DA-B3ED52CB071C}"
|
||||
>
|
||||
|
@ -6181,6 +6181,11 @@
|
|||
SubType = "Code"
|
||||
BuildAction = "Compile"
|
||||
/>
|
||||
<File
|
||||
RelPath = "srcbc\openssl\PEMException.cs"
|
||||
SubType = "Code"
|
||||
BuildAction = "Compile"
|
||||
/>
|
||||
<File
|
||||
RelPath = "srcbc\openssl\PEMReader.cs"
|
||||
SubType = "Code"
|
||||
|
|
|
@ -1141,7 +1141,7 @@ namespace Org.BouncyCastle.Crypto.Tls
|
|||
}
|
||||
|
||||
/**
|
||||
* Terminate this connection whith an alert.
|
||||
* Terminate this connection with an alert.
|
||||
* <p/>
|
||||
* Can be used for normal closure too.
|
||||
*
|
||||
|
|
|
@ -0,0 +1,22 @@
|
|||
using System;
|
||||
using System.IO;
|
||||
|
||||
namespace Org.BouncyCastle.OpenSsl
|
||||
{
|
||||
public class PemException
|
||||
: IOException
|
||||
{
|
||||
public PemException(
|
||||
string message)
|
||||
: base(message)
|
||||
{
|
||||
}
|
||||
|
||||
public PemException(
|
||||
string message,
|
||||
Exception exception)
|
||||
: base(message, exception)
|
||||
{
|
||||
}
|
||||
}
|
||||
}
|
|
@ -213,7 +213,7 @@ namespace Org.BouncyCastle.OpenSsl
|
|||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
throw new IOException("problem parsing cert: " + e.ToString());
|
||||
throw new PemException("problem parsing cert: " + e.ToString());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -234,7 +234,7 @@ namespace Org.BouncyCastle.OpenSsl
|
|||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
throw new IOException("problem parsing cert: " + e.ToString());
|
||||
throw new PemException("problem parsing cert: " + e.ToString());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -255,7 +255,7 @@ namespace Org.BouncyCastle.OpenSsl
|
|||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
throw new IOException("problem parsing cert: " + e.ToString());
|
||||
throw new PemException("problem parsing cert: " + e.ToString());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -293,7 +293,7 @@ namespace Org.BouncyCastle.OpenSsl
|
|||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
throw new IOException("problem parsing PKCS7 object: " + e.ToString());
|
||||
throw new PemException("problem parsing PKCS7 object: " + e.ToString());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -377,7 +377,7 @@ namespace Org.BouncyCastle.OpenSsl
|
|||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
throw new IOException(
|
||||
throw new PemException(
|
||||
"problem creating " + type + " private key: " + e.ToString());
|
||||
}
|
||||
}
|
||||
|
@ -446,7 +446,7 @@ namespace Org.BouncyCastle.OpenSsl
|
|||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
throw new IOException("problem parsing EC private key.", e);
|
||||
throw new PemException("problem parsing EC private key.", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -1,357 +1,372 @@
|
|||
using System.Collections;
|
||||
using System.Globalization;
|
||||
|
||||
using Org.BouncyCastle.Asn1;
|
||||
using Org.BouncyCastle.Asn1.CryptoPro;
|
||||
using Org.BouncyCastle.Asn1.Iana;
|
||||
using Org.BouncyCastle.Asn1.Kisa;
|
||||
using Org.BouncyCastle.Asn1.Nist;
|
||||
using Org.BouncyCastle.Asn1.Ntt;
|
||||
using Org.BouncyCastle.Asn1.Oiw;
|
||||
using Org.BouncyCastle.Asn1.Pkcs;
|
||||
using Org.BouncyCastle.Crypto;
|
||||
using Org.BouncyCastle.Crypto.Generators;
|
||||
|
||||
namespace Org.BouncyCastle.Security
|
||||
{
|
||||
public sealed class GeneratorUtilities
|
||||
{
|
||||
private GeneratorUtilities()
|
||||
{
|
||||
}
|
||||
|
||||
private static readonly Hashtable kgAlgorithms = new Hashtable();
|
||||
private static readonly Hashtable kpgAlgorithms = new Hashtable();
|
||||
|
||||
static GeneratorUtilities()
|
||||
{
|
||||
//
|
||||
// key generators.
|
||||
//
|
||||
AddKgAlgorithm("AES",
|
||||
"AESWRAP");
|
||||
AddKgAlgorithm("AES128",
|
||||
"2.16.840.1.101.3.4.2",
|
||||
NistObjectIdentifiers.IdAes128Cbc,
|
||||
NistObjectIdentifiers.IdAes128Cfb,
|
||||
NistObjectIdentifiers.IdAes128Ecb,
|
||||
NistObjectIdentifiers.IdAes128Ofb,
|
||||
NistObjectIdentifiers.IdAes128Wrap);
|
||||
AddKgAlgorithm("AES192",
|
||||
"2.16.840.1.101.3.4.22",
|
||||
NistObjectIdentifiers.IdAes192Cbc,
|
||||
NistObjectIdentifiers.IdAes192Cfb,
|
||||
NistObjectIdentifiers.IdAes192Ecb,
|
||||
NistObjectIdentifiers.IdAes192Ofb,
|
||||
NistObjectIdentifiers.IdAes192Wrap);
|
||||
AddKgAlgorithm("AES256",
|
||||
"2.16.840.1.101.3.4.42",
|
||||
NistObjectIdentifiers.IdAes256Cbc,
|
||||
NistObjectIdentifiers.IdAes256Cfb,
|
||||
NistObjectIdentifiers.IdAes256Ecb,
|
||||
NistObjectIdentifiers.IdAes256Ofb,
|
||||
NistObjectIdentifiers.IdAes256Wrap);
|
||||
AddKgAlgorithm("BLOWFISH");
|
||||
AddKgAlgorithm("CAMELLIA",
|
||||
"CAMELLIAWRAP");
|
||||
AddKgAlgorithm("CAMELLIA128",
|
||||
NttObjectIdentifiers.IdCamellia128Cbc,
|
||||
NttObjectIdentifiers.IdCamellia128Wrap);
|
||||
AddKgAlgorithm("CAMELLIA192",
|
||||
NttObjectIdentifiers.IdCamellia192Cbc,
|
||||
NttObjectIdentifiers.IdCamellia192Wrap);
|
||||
AddKgAlgorithm("CAMELLIA256",
|
||||
NttObjectIdentifiers.IdCamellia256Cbc,
|
||||
NttObjectIdentifiers.IdCamellia256Wrap);
|
||||
AddKgAlgorithm("CAST5",
|
||||
"1.2.840.113533.7.66.10");
|
||||
AddKgAlgorithm("CAST6");
|
||||
AddKgAlgorithm("DES",
|
||||
OiwObjectIdentifiers.DesCbc,
|
||||
OiwObjectIdentifiers.DesCfb,
|
||||
OiwObjectIdentifiers.DesEcb,
|
||||
OiwObjectIdentifiers.DesOfb);
|
||||
AddKgAlgorithm("DESEDE",
|
||||
"DESEDEWRAP",
|
||||
OiwObjectIdentifiers.DesEde,
|
||||
PkcsObjectIdentifiers.IdAlgCms3DesWrap);
|
||||
AddKgAlgorithm("DESEDE3",
|
||||
PkcsObjectIdentifiers.DesEde3Cbc);
|
||||
AddKgAlgorithm("GOST28147",
|
||||
"GOST",
|
||||
"GOST-28147",
|
||||
CryptoProObjectIdentifiers.GostR28147Cbc);
|
||||
AddKgAlgorithm("HC128");
|
||||
AddKgAlgorithm("HC256");
|
||||
AddKgAlgorithm("IDEA",
|
||||
"1.3.6.1.4.1.188.7.1.1.2");
|
||||
AddKgAlgorithm("NOEKEON");
|
||||
AddKgAlgorithm("RC2",
|
||||
PkcsObjectIdentifiers.RC2Cbc,
|
||||
PkcsObjectIdentifiers.IdAlgCmsRC2Wrap);
|
||||
AddKgAlgorithm("RC4",
|
||||
"ARC4",
|
||||
"1.2.840.113549.3.4");
|
||||
AddKgAlgorithm("RC5",
|
||||
"RC5-32");
|
||||
AddKgAlgorithm("RC5-64");
|
||||
AddKgAlgorithm("RC6");
|
||||
AddKgAlgorithm("RIJNDAEL");
|
||||
AddKgAlgorithm("SALSA20");
|
||||
AddKgAlgorithm("SEED",
|
||||
KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap,
|
||||
KisaObjectIdentifiers.IdSeedCbc);
|
||||
AddKgAlgorithm("SERPENT");
|
||||
AddKgAlgorithm("SKIPJACK");
|
||||
AddKgAlgorithm("TEA");
|
||||
AddKgAlgorithm("TWOFISH");
|
||||
AddKgAlgorithm("VMPC");
|
||||
AddKgAlgorithm("VMPC-KSA3");
|
||||
AddKgAlgorithm("XTEA");
|
||||
|
||||
//
|
||||
// HMac key generators
|
||||
//
|
||||
AddHMacKeyGenerator("MD2");
|
||||
AddHMacKeyGenerator("MD4");
|
||||
AddHMacKeyGenerator("MD5",
|
||||
IanaObjectIdentifiers.HmacMD5);
|
||||
AddHMacKeyGenerator("SHA1",
|
||||
PkcsObjectIdentifiers.IdHmacWithSha1,
|
||||
IanaObjectIdentifiers.HmacSha1);
|
||||
AddHMacKeyGenerator("SHA224",
|
||||
PkcsObjectIdentifiers.IdHmacWithSha224);
|
||||
AddHMacKeyGenerator("SHA256",
|
||||
PkcsObjectIdentifiers.IdHmacWithSha256);
|
||||
AddHMacKeyGenerator("SHA384",
|
||||
PkcsObjectIdentifiers.IdHmacWithSha384);
|
||||
AddHMacKeyGenerator("SHA512",
|
||||
PkcsObjectIdentifiers.IdHmacWithSha512);
|
||||
AddHMacKeyGenerator("RIPEMD128");
|
||||
AddHMacKeyGenerator("RIPEMD160",
|
||||
IanaObjectIdentifiers.HmacRipeMD160);
|
||||
AddHMacKeyGenerator("TIGER",
|
||||
IanaObjectIdentifiers.HmacTiger);
|
||||
|
||||
|
||||
|
||||
//
|
||||
// key pair generators.
|
||||
//
|
||||
AddKpgAlgorithm("DH",
|
||||
"DIFFIEHELLMAN");
|
||||
AddKpgAlgorithm("DSA");
|
||||
AddKpgAlgorithm("EC");
|
||||
AddKpgAlgorithm("ECDH",
|
||||
"ECIES");
|
||||
AddKpgAlgorithm("ECDHC");
|
||||
AddKpgAlgorithm("ECDSA");
|
||||
AddKpgAlgorithm("ECGOST3410",
|
||||
"ECGOST-3410",
|
||||
"GOST-3410-2001");
|
||||
AddKpgAlgorithm("ELGAMAL");
|
||||
AddKpgAlgorithm("GOST3410",
|
||||
"GOST-3410",
|
||||
"GOST-3410-94");
|
||||
AddKpgAlgorithm("RSA",
|
||||
"1.2.840.113549.1.1.1");
|
||||
}
|
||||
|
||||
private static void AddKgAlgorithm(
|
||||
string canonicalName,
|
||||
params object[] aliases)
|
||||
{
|
||||
kgAlgorithms[canonicalName] = canonicalName;
|
||||
|
||||
foreach (object alias in aliases)
|
||||
{
|
||||
kgAlgorithms[alias.ToString()] = canonicalName;
|
||||
}
|
||||
}
|
||||
|
||||
private static void AddKpgAlgorithm(
|
||||
string canonicalName,
|
||||
params object[] aliases)
|
||||
{
|
||||
kpgAlgorithms[canonicalName] = canonicalName;
|
||||
|
||||
foreach (object alias in aliases)
|
||||
{
|
||||
kpgAlgorithms[alias.ToString()] = canonicalName;
|
||||
}
|
||||
}
|
||||
|
||||
private static void AddHMacKeyGenerator(
|
||||
string algorithm,
|
||||
params object[] aliases)
|
||||
{
|
||||
string mainName = "HMAC" + algorithm;
|
||||
|
||||
kgAlgorithms[mainName] = mainName;
|
||||
kgAlgorithms["HMAC-" + algorithm] = mainName;
|
||||
kgAlgorithms["HMAC/" + algorithm] = mainName;
|
||||
|
||||
foreach (object alias in aliases)
|
||||
{
|
||||
kgAlgorithms[alias.ToString()] = mainName;
|
||||
}
|
||||
}
|
||||
|
||||
// TODO Consider making this public
|
||||
internal static string GetCanonicalKeyGeneratorAlgorithm(
|
||||
string algorithm)
|
||||
{
|
||||
return (string) kgAlgorithms[algorithm.ToUpper(CultureInfo.InvariantCulture)];
|
||||
}
|
||||
|
||||
// TODO Consider making this public
|
||||
internal static string GetCanonicalKeyPairGeneratorAlgorithm(
|
||||
string algorithm)
|
||||
{
|
||||
return (string) kpgAlgorithms[algorithm.ToUpper(CultureInfo.InvariantCulture)];
|
||||
}
|
||||
|
||||
public static CipherKeyGenerator GetKeyGenerator(
|
||||
DerObjectIdentifier oid)
|
||||
{
|
||||
return GetKeyGenerator(oid.Id);
|
||||
}
|
||||
|
||||
public static CipherKeyGenerator GetKeyGenerator(
|
||||
string algorithm)
|
||||
{
|
||||
string canonicalName = GetCanonicalKeyGeneratorAlgorithm(algorithm);
|
||||
|
||||
if (canonicalName == null)
|
||||
throw new SecurityUtilityException("KeyGenerator " + algorithm + " not recognised.");
|
||||
|
||||
switch (canonicalName)
|
||||
{
|
||||
case "DES":
|
||||
return new DesKeyGenerator(64);
|
||||
case "DESEDE":
|
||||
return new DesEdeKeyGenerator(128);
|
||||
case "DESEDE3":
|
||||
return new DesEdeKeyGenerator(192);
|
||||
case "AES":
|
||||
return new CipherKeyGenerator(192);
|
||||
case "AES128":
|
||||
return new CipherKeyGenerator(128);
|
||||
case "AES192":
|
||||
return new CipherKeyGenerator(192);
|
||||
case "AES256":
|
||||
return new CipherKeyGenerator(256);
|
||||
case "BLOWFISH":
|
||||
return new CipherKeyGenerator(448);
|
||||
case "CAMELLIA":
|
||||
return new CipherKeyGenerator(256);
|
||||
case "CAMELLIA128":
|
||||
return new CipherKeyGenerator(128);
|
||||
case "CAMELLIA192":
|
||||
return new CipherKeyGenerator(192);
|
||||
case "CAMELLIA256":
|
||||
return new CipherKeyGenerator(256);
|
||||
case "CAST5":
|
||||
return new CipherKeyGenerator(128);
|
||||
case "CAST6":
|
||||
return new CipherKeyGenerator(256);
|
||||
case "GOST28147":
|
||||
return new CipherKeyGenerator(256);
|
||||
case "HC128":
|
||||
return new CipherKeyGenerator(128);
|
||||
case "HC256":
|
||||
return new CipherKeyGenerator(256);
|
||||
case "HMACMD2":
|
||||
case "HMACMD4":
|
||||
case "HMACMD5":
|
||||
return new CipherKeyGenerator(128);
|
||||
case "HMACSHA1":
|
||||
return new CipherKeyGenerator(160);
|
||||
case "HMACSHA224":
|
||||
return new CipherKeyGenerator(224);
|
||||
case "HMACSHA256":
|
||||
return new CipherKeyGenerator(256);
|
||||
case "HMACSHA384":
|
||||
return new CipherKeyGenerator(384);
|
||||
case "HMACSHA512":
|
||||
return new CipherKeyGenerator(512);
|
||||
case "HMACRIPEMD128":
|
||||
return new CipherKeyGenerator(128);
|
||||
case "HMACRIPEMD160":
|
||||
return new CipherKeyGenerator(160);
|
||||
case "HMACTIGER":
|
||||
return new CipherKeyGenerator(192);
|
||||
case "IDEA":
|
||||
return new CipherKeyGenerator(128);
|
||||
case "NOEKEON":
|
||||
return new CipherKeyGenerator(128);
|
||||
case "RC2":
|
||||
case "RC4":
|
||||
case "RC5":
|
||||
return new CipherKeyGenerator(128);
|
||||
case "RC5-64":
|
||||
case "RC6":
|
||||
return new CipherKeyGenerator(256);
|
||||
case "RIJNDAEL":
|
||||
return new CipherKeyGenerator(192);
|
||||
case "SALSA20":
|
||||
return new CipherKeyGenerator(128);
|
||||
case "SEED":
|
||||
return new CipherKeyGenerator(128);
|
||||
case "SERPENT":
|
||||
return new CipherKeyGenerator(192);
|
||||
case "SKIPJACK":
|
||||
return new CipherKeyGenerator(80);
|
||||
case "TEA":
|
||||
case "XTEA":
|
||||
return new CipherKeyGenerator(128);
|
||||
case "TWOFISH":
|
||||
return new CipherKeyGenerator(256);
|
||||
case "VMPC":
|
||||
case "VMPC-KSA3":
|
||||
return new CipherKeyGenerator(128);
|
||||
}
|
||||
|
||||
throw new SecurityUtilityException("KeyGenerator " + algorithm + " not recognised.");
|
||||
}
|
||||
|
||||
public static IAsymmetricCipherKeyPairGenerator GetKeyPairGenerator(
|
||||
DerObjectIdentifier oid)
|
||||
{
|
||||
return GetKeyPairGenerator(oid.Id);
|
||||
}
|
||||
|
||||
public static IAsymmetricCipherKeyPairGenerator GetKeyPairGenerator(
|
||||
string algorithm)
|
||||
{
|
||||
string canonicalName = GetCanonicalKeyPairGeneratorAlgorithm(algorithm);
|
||||
|
||||
if (canonicalName == null)
|
||||
throw new SecurityUtilityException("KeyPairGenerator " + algorithm + " not recognised.");
|
||||
|
||||
switch (canonicalName)
|
||||
{
|
||||
case "DH":
|
||||
return new DHKeyPairGenerator();
|
||||
case "DSA":
|
||||
return new DsaKeyPairGenerator();
|
||||
case "EC":
|
||||
case "ECDH":
|
||||
case "ECDHC":
|
||||
case "ECDSA":
|
||||
case "ECGOST3410":
|
||||
return new ECKeyPairGenerator(canonicalName);
|
||||
case "ELGAMAL":
|
||||
return new ElGamalKeyPairGenerator();
|
||||
case "GOST3410":
|
||||
return new Gost3410KeyPairGenerator();
|
||||
case "RSA":
|
||||
return new RsaKeyPairGenerator();
|
||||
default:
|
||||
break;
|
||||
}
|
||||
|
||||
throw new SecurityUtilityException("KeyPairGenerator " + algorithm + " not recognised.");
|
||||
}
|
||||
}
|
||||
}
|
||||
using System.Collections;
|
||||
using System.Globalization;
|
||||
|
||||
using Org.BouncyCastle.Asn1;
|
||||
using Org.BouncyCastle.Asn1.CryptoPro;
|
||||
using Org.BouncyCastle.Asn1.Iana;
|
||||
using Org.BouncyCastle.Asn1.Kisa;
|
||||
using Org.BouncyCastle.Asn1.Nist;
|
||||
using Org.BouncyCastle.Asn1.Ntt;
|
||||
using Org.BouncyCastle.Asn1.Oiw;
|
||||
using Org.BouncyCastle.Asn1.Pkcs;
|
||||
using Org.BouncyCastle.Crypto;
|
||||
using Org.BouncyCastle.Crypto.Generators;
|
||||
|
||||
namespace Org.BouncyCastle.Security
|
||||
{
|
||||
public sealed class GeneratorUtilities
|
||||
{
|
||||
private GeneratorUtilities()
|
||||
{
|
||||
}
|
||||
|
||||
private static readonly Hashtable kgAlgorithms = new Hashtable();
|
||||
private static readonly Hashtable kpgAlgorithms = new Hashtable();
|
||||
|
||||
static GeneratorUtilities()
|
||||
{
|
||||
//
|
||||
// key generators.
|
||||
//
|
||||
AddKgAlgorithm("AES",
|
||||
"AESWRAP");
|
||||
AddKgAlgorithm("AES128",
|
||||
"2.16.840.1.101.3.4.2",
|
||||
NistObjectIdentifiers.IdAes128Cbc,
|
||||
NistObjectIdentifiers.IdAes128Cfb,
|
||||
NistObjectIdentifiers.IdAes128Ecb,
|
||||
NistObjectIdentifiers.IdAes128Ofb,
|
||||
NistObjectIdentifiers.IdAes128Wrap);
|
||||
AddKgAlgorithm("AES192",
|
||||
"2.16.840.1.101.3.4.22",
|
||||
NistObjectIdentifiers.IdAes192Cbc,
|
||||
NistObjectIdentifiers.IdAes192Cfb,
|
||||
NistObjectIdentifiers.IdAes192Ecb,
|
||||
NistObjectIdentifiers.IdAes192Ofb,
|
||||
NistObjectIdentifiers.IdAes192Wrap);
|
||||
AddKgAlgorithm("AES256",
|
||||
"2.16.840.1.101.3.4.42",
|
||||
NistObjectIdentifiers.IdAes256Cbc,
|
||||
NistObjectIdentifiers.IdAes256Cfb,
|
||||
NistObjectIdentifiers.IdAes256Ecb,
|
||||
NistObjectIdentifiers.IdAes256Ofb,
|
||||
NistObjectIdentifiers.IdAes256Wrap);
|
||||
AddKgAlgorithm("BLOWFISH",
|
||||
"1.3.6.1.4.1.3029.1.2");
|
||||
AddKgAlgorithm("CAMELLIA",
|
||||
"CAMELLIAWRAP");
|
||||
AddKgAlgorithm("CAMELLIA128",
|
||||
NttObjectIdentifiers.IdCamellia128Cbc,
|
||||
NttObjectIdentifiers.IdCamellia128Wrap);
|
||||
AddKgAlgorithm("CAMELLIA192",
|
||||
NttObjectIdentifiers.IdCamellia192Cbc,
|
||||
NttObjectIdentifiers.IdCamellia192Wrap);
|
||||
AddKgAlgorithm("CAMELLIA256",
|
||||
NttObjectIdentifiers.IdCamellia256Cbc,
|
||||
NttObjectIdentifiers.IdCamellia256Wrap);
|
||||
AddKgAlgorithm("CAST5",
|
||||
"1.2.840.113533.7.66.10");
|
||||
AddKgAlgorithm("CAST6");
|
||||
AddKgAlgorithm("DES",
|
||||
OiwObjectIdentifiers.DesCbc,
|
||||
OiwObjectIdentifiers.DesCfb,
|
||||
OiwObjectIdentifiers.DesEcb,
|
||||
OiwObjectIdentifiers.DesOfb);
|
||||
AddKgAlgorithm("DESEDE",
|
||||
"DESEDEWRAP",
|
||||
OiwObjectIdentifiers.DesEde,
|
||||
PkcsObjectIdentifiers.IdAlgCms3DesWrap);
|
||||
AddKgAlgorithm("DESEDE3",
|
||||
PkcsObjectIdentifiers.DesEde3Cbc);
|
||||
AddKgAlgorithm("GOST28147",
|
||||
"GOST",
|
||||
"GOST-28147",
|
||||
CryptoProObjectIdentifiers.GostR28147Cbc);
|
||||
AddKgAlgorithm("HC128");
|
||||
AddKgAlgorithm("HC256");
|
||||
AddKgAlgorithm("IDEA",
|
||||
"1.3.6.1.4.1.188.7.1.1.2");
|
||||
AddKgAlgorithm("NOEKEON");
|
||||
AddKgAlgorithm("RC2",
|
||||
PkcsObjectIdentifiers.RC2Cbc,
|
||||
PkcsObjectIdentifiers.IdAlgCmsRC2Wrap);
|
||||
AddKgAlgorithm("RC4",
|
||||
"ARC4",
|
||||
"1.2.840.113549.3.4");
|
||||
AddKgAlgorithm("RC5",
|
||||
"RC5-32");
|
||||
AddKgAlgorithm("RC5-64");
|
||||
AddKgAlgorithm("RC6");
|
||||
AddKgAlgorithm("RIJNDAEL");
|
||||
AddKgAlgorithm("SALSA20");
|
||||
AddKgAlgorithm("SEED",
|
||||
KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap,
|
||||
KisaObjectIdentifiers.IdSeedCbc);
|
||||
AddKgAlgorithm("SERPENT");
|
||||
AddKgAlgorithm("SKIPJACK");
|
||||
AddKgAlgorithm("TEA");
|
||||
AddKgAlgorithm("TWOFISH");
|
||||
AddKgAlgorithm("VMPC");
|
||||
AddKgAlgorithm("VMPC-KSA3");
|
||||
AddKgAlgorithm("XTEA");
|
||||
|
||||
//
|
||||
// HMac key generators
|
||||
//
|
||||
AddHMacKeyGenerator("MD2");
|
||||
AddHMacKeyGenerator("MD4");
|
||||
AddHMacKeyGenerator("MD5",
|
||||
IanaObjectIdentifiers.HmacMD5);
|
||||
AddHMacKeyGenerator("SHA1",
|
||||
PkcsObjectIdentifiers.IdHmacWithSha1,
|
||||
IanaObjectIdentifiers.HmacSha1);
|
||||
AddHMacKeyGenerator("SHA224",
|
||||
PkcsObjectIdentifiers.IdHmacWithSha224);
|
||||
AddHMacKeyGenerator("SHA256",
|
||||
PkcsObjectIdentifiers.IdHmacWithSha256);
|
||||
AddHMacKeyGenerator("SHA384",
|
||||
PkcsObjectIdentifiers.IdHmacWithSha384);
|
||||
AddHMacKeyGenerator("SHA512",
|
||||
PkcsObjectIdentifiers.IdHmacWithSha512);
|
||||
AddHMacKeyGenerator("RIPEMD128");
|
||||
AddHMacKeyGenerator("RIPEMD160",
|
||||
IanaObjectIdentifiers.HmacRipeMD160);
|
||||
AddHMacKeyGenerator("TIGER",
|
||||
IanaObjectIdentifiers.HmacTiger);
|
||||
|
||||
|
||||
|
||||
//
|
||||
// key pair generators.
|
||||
//
|
||||
AddKpgAlgorithm("DH",
|
||||
"DIFFIEHELLMAN");
|
||||
AddKpgAlgorithm("DSA");
|
||||
AddKpgAlgorithm("EC");
|
||||
AddKpgAlgorithm("ECDH",
|
||||
"ECIES");
|
||||
AddKpgAlgorithm("ECDHC");
|
||||
AddKpgAlgorithm("ECDSA");
|
||||
AddKpgAlgorithm("ECGOST3410",
|
||||
"ECGOST-3410",
|
||||
"GOST-3410-2001");
|
||||
AddKpgAlgorithm("ELGAMAL");
|
||||
AddKpgAlgorithm("GOST3410",
|
||||
"GOST-3410",
|
||||
"GOST-3410-94");
|
||||
AddKpgAlgorithm("RSA",
|
||||
"1.2.840.113549.1.1.1");
|
||||
}
|
||||
|
||||
private static void AddKgAlgorithm(
|
||||
string canonicalName,
|
||||
params object[] aliases)
|
||||
{
|
||||
kgAlgorithms[canonicalName] = canonicalName;
|
||||
|
||||
foreach (object alias in aliases)
|
||||
{
|
||||
kgAlgorithms[alias.ToString()] = canonicalName;
|
||||
}
|
||||
}
|
||||
|
||||
private static void AddKpgAlgorithm(
|
||||
string canonicalName,
|
||||
params object[] aliases)
|
||||
{
|
||||
kpgAlgorithms[canonicalName] = canonicalName;
|
||||
|
||||
foreach (object alias in aliases)
|
||||
{
|
||||
kpgAlgorithms[alias.ToString()] = canonicalName;
|
||||
}
|
||||
}
|
||||
|
||||
private static void AddHMacKeyGenerator(
|
||||
string algorithm,
|
||||
params object[] aliases)
|
||||
{
|
||||
string mainName = "HMAC" + algorithm;
|
||||
|
||||
kgAlgorithms[mainName] = mainName;
|
||||
kgAlgorithms["HMAC-" + algorithm] = mainName;
|
||||
kgAlgorithms["HMAC/" + algorithm] = mainName;
|
||||
|
||||
foreach (object alias in aliases)
|
||||
{
|
||||
kgAlgorithms[alias.ToString()] = mainName;
|
||||
}
|
||||
}
|
||||
|
||||
// TODO Consider making this public
|
||||
internal static string GetCanonicalKeyGeneratorAlgorithm(
|
||||
string algorithm)
|
||||
{
|
||||
return (string) kgAlgorithms[algorithm.ToUpper(CultureInfo.InvariantCulture)];
|
||||
}
|
||||
|
||||
// TODO Consider making this public
|
||||
internal static string GetCanonicalKeyPairGeneratorAlgorithm(
|
||||
string algorithm)
|
||||
{
|
||||
return (string) kpgAlgorithms[algorithm.ToUpper(CultureInfo.InvariantCulture)];
|
||||
}
|
||||
|
||||
public static CipherKeyGenerator GetKeyGenerator(
|
||||
DerObjectIdentifier oid)
|
||||
{
|
||||
return GetKeyGenerator(oid.Id);
|
||||
}
|
||||
|
||||
public static CipherKeyGenerator GetKeyGenerator(
|
||||
string algorithm)
|
||||
{
|
||||
string canonicalName = GetCanonicalKeyGeneratorAlgorithm(algorithm);
|
||||
|
||||
if (canonicalName == null)
|
||||
throw new SecurityUtilityException("KeyGenerator " + algorithm + " not recognised.");
|
||||
|
||||
int defaultKeySize = FindDefaultKeySize(canonicalName);
|
||||
if (defaultKeySize == -1)
|
||||
throw new SecurityUtilityException("KeyGenerator " + algorithm
|
||||
+ " (" + canonicalName + ") not supported.");
|
||||
|
||||
switch (canonicalName)
|
||||
{
|
||||
case "DES":
|
||||
return new DesKeyGenerator(defaultKeySize);
|
||||
case "DESEDE":
|
||||
case "DESEDE3":
|
||||
return new DesEdeKeyGenerator(defaultKeySize);
|
||||
default:
|
||||
return new CipherKeyGenerator(defaultKeySize);
|
||||
}
|
||||
}
|
||||
|
||||
public static IAsymmetricCipherKeyPairGenerator GetKeyPairGenerator(
|
||||
DerObjectIdentifier oid)
|
||||
{
|
||||
return GetKeyPairGenerator(oid.Id);
|
||||
}
|
||||
|
||||
public static IAsymmetricCipherKeyPairGenerator GetKeyPairGenerator(
|
||||
string algorithm)
|
||||
{
|
||||
string canonicalName = GetCanonicalKeyPairGeneratorAlgorithm(algorithm);
|
||||
|
||||
if (canonicalName == null)
|
||||
throw new SecurityUtilityException("KeyPairGenerator " + algorithm + " not recognised.");
|
||||
|
||||
switch (canonicalName)
|
||||
{
|
||||
case "DH":
|
||||
return new DHKeyPairGenerator();
|
||||
case "DSA":
|
||||
return new DsaKeyPairGenerator();
|
||||
case "EC":
|
||||
case "ECDH":
|
||||
case "ECDHC":
|
||||
case "ECDSA":
|
||||
case "ECGOST3410":
|
||||
return new ECKeyPairGenerator(canonicalName);
|
||||
case "ELGAMAL":
|
||||
return new ElGamalKeyPairGenerator();
|
||||
case "GOST3410":
|
||||
return new Gost3410KeyPairGenerator();
|
||||
case "RSA":
|
||||
return new RsaKeyPairGenerator();
|
||||
default:
|
||||
break;
|
||||
}
|
||||
|
||||
throw new SecurityUtilityException("KeyPairGenerator " + algorithm
|
||||
+ " (" + canonicalName + ") not supported.");
|
||||
}
|
||||
|
||||
internal static int GetDefaultKeySize(
|
||||
DerObjectIdentifier oid)
|
||||
{
|
||||
return GetDefaultKeySize(oid.Id);
|
||||
}
|
||||
|
||||
internal static int GetDefaultKeySize(
|
||||
string algorithm)
|
||||
{
|
||||
string canonicalName = GetCanonicalKeyGeneratorAlgorithm(algorithm);
|
||||
|
||||
if (canonicalName == null)
|
||||
throw new SecurityUtilityException("KeyGenerator " + algorithm + " not recognised.");
|
||||
|
||||
int defaultKeySize = FindDefaultKeySize(canonicalName);
|
||||
if (defaultKeySize == -1)
|
||||
throw new SecurityUtilityException("KeyGenerator " + algorithm
|
||||
+ " (" + canonicalName + ") not supported.");
|
||||
|
||||
return defaultKeySize;
|
||||
}
|
||||
|
||||
private static int FindDefaultKeySize(
|
||||
string canonicalName)
|
||||
{
|
||||
switch (canonicalName)
|
||||
{
|
||||
case "DES":
|
||||
return 64;
|
||||
case "BLOWFISH":
|
||||
case "SKIPJACK":
|
||||
return 80;
|
||||
case "AES128":
|
||||
case "CAMELLIA128":
|
||||
case "CAST5":
|
||||
case "DESEDE":
|
||||
case "HC128":
|
||||
case "HMACMD2":
|
||||
case "HMACMD4":
|
||||
case "HMACMD5":
|
||||
case "HMACRIPEMD128":
|
||||
case "IDEA":
|
||||
case "NOEKEON":
|
||||
case "RC2":
|
||||
case "RC4":
|
||||
case "RC5":
|
||||
case "SALSA20":
|
||||
case "SEED":
|
||||
case "TEA":
|
||||
case "XTEA":
|
||||
case "VMPC":
|
||||
case "VMPC-KSA3":
|
||||
return 128;
|
||||
case "HMACRIPEMD160":
|
||||
case "HMACSHA1":
|
||||
return 160;
|
||||
case "AES":
|
||||
case "AES192":
|
||||
case "CAMELLIA192":
|
||||
case "DESEDE3":
|
||||
case "HMACTIGER":
|
||||
case "RIJNDAEL":
|
||||
case "SERPENT":
|
||||
return 192;
|
||||
case "HMACSHA224":
|
||||
return 224;
|
||||
case "AES256":
|
||||
case "CAMELLIA":
|
||||
case "CAMELLIA256":
|
||||
case "CAST6":
|
||||
case "GOST28147":
|
||||
case "HC256":
|
||||
case "HMACSHA256":
|
||||
case "RC5-64":
|
||||
case "RC6":
|
||||
case "TWOFISH":
|
||||
return 256;
|
||||
case "HMACSHA384":
|
||||
return 384;
|
||||
case "HMACSHA512":
|
||||
return 512;
|
||||
default:
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,322 +1,324 @@
|
|||
using System;
|
||||
using System.Collections;
|
||||
using System.Globalization;
|
||||
|
||||
using Org.BouncyCastle.Asn1;
|
||||
using Org.BouncyCastle.Asn1.CryptoPro;
|
||||
using Org.BouncyCastle.Asn1.Kisa;
|
||||
using Org.BouncyCastle.Asn1.Misc;
|
||||
using Org.BouncyCastle.Asn1.Nist;
|
||||
using Org.BouncyCastle.Asn1.Ntt;
|
||||
using Org.BouncyCastle.Asn1.Oiw;
|
||||
using Org.BouncyCastle.Asn1.Pkcs;
|
||||
using Org.BouncyCastle.Crypto;
|
||||
using Org.BouncyCastle.Crypto.Parameters;
|
||||
|
||||
namespace Org.BouncyCastle.Security
|
||||
{
|
||||
public sealed class ParameterUtilities
|
||||
{
|
||||
private ParameterUtilities()
|
||||
{
|
||||
}
|
||||
|
||||
private static readonly Hashtable algorithms = new Hashtable();
|
||||
|
||||
static ParameterUtilities()
|
||||
{
|
||||
AddAlgorithm("AES",
|
||||
"AESWRAP");
|
||||
AddAlgorithm("AES128",
|
||||
"2.16.840.1.101.3.4.2",
|
||||
NistObjectIdentifiers.IdAes128Cbc,
|
||||
NistObjectIdentifiers.IdAes128Cfb,
|
||||
NistObjectIdentifiers.IdAes128Ecb,
|
||||
NistObjectIdentifiers.IdAes128Ofb,
|
||||
NistObjectIdentifiers.IdAes128Wrap);
|
||||
AddAlgorithm("AES192",
|
||||
"2.16.840.1.101.3.4.22",
|
||||
NistObjectIdentifiers.IdAes192Cbc,
|
||||
NistObjectIdentifiers.IdAes192Cfb,
|
||||
NistObjectIdentifiers.IdAes192Ecb,
|
||||
NistObjectIdentifiers.IdAes192Ofb,
|
||||
NistObjectIdentifiers.IdAes192Wrap);
|
||||
AddAlgorithm("AES256",
|
||||
"2.16.840.1.101.3.4.42",
|
||||
NistObjectIdentifiers.IdAes256Cbc,
|
||||
NistObjectIdentifiers.IdAes256Cfb,
|
||||
NistObjectIdentifiers.IdAes256Ecb,
|
||||
NistObjectIdentifiers.IdAes256Ofb,
|
||||
NistObjectIdentifiers.IdAes256Wrap);
|
||||
AddAlgorithm("BLOWFISH");
|
||||
AddAlgorithm("CAMELLIA",
|
||||
"CAMELLIAWRAP");
|
||||
AddAlgorithm("CAMELLIA128",
|
||||
NttObjectIdentifiers.IdCamellia128Cbc,
|
||||
NttObjectIdentifiers.IdCamellia128Wrap);
|
||||
AddAlgorithm("CAMELLIA192",
|
||||
NttObjectIdentifiers.IdCamellia192Cbc,
|
||||
NttObjectIdentifiers.IdCamellia192Wrap);
|
||||
AddAlgorithm("CAMELLIA256",
|
||||
NttObjectIdentifiers.IdCamellia256Cbc,
|
||||
NttObjectIdentifiers.IdCamellia256Wrap);
|
||||
AddAlgorithm("CAST5",
|
||||
"1.2.840.113533.7.66.10");
|
||||
AddAlgorithm("CAST6");
|
||||
AddAlgorithm("DES",
|
||||
OiwObjectIdentifiers.DesCbc,
|
||||
OiwObjectIdentifiers.DesCfb,
|
||||
OiwObjectIdentifiers.DesEcb,
|
||||
OiwObjectIdentifiers.DesOfb);
|
||||
AddAlgorithm("DESEDE",
|
||||
"DESEDEWRAP",
|
||||
OiwObjectIdentifiers.DesEde,
|
||||
PkcsObjectIdentifiers.IdAlgCms3DesWrap);
|
||||
AddAlgorithm("DESEDE3",
|
||||
PkcsObjectIdentifiers.DesEde3Cbc);
|
||||
AddAlgorithm("GOST28147",
|
||||
"GOST",
|
||||
"GOST-28147",
|
||||
CryptoProObjectIdentifiers.GostR28147Cbc);
|
||||
AddAlgorithm("HC128");
|
||||
AddAlgorithm("HC256");
|
||||
AddAlgorithm("IDEA",
|
||||
"1.3.6.1.4.1.188.7.1.1.2");
|
||||
AddAlgorithm("NOEKEON");
|
||||
AddAlgorithm("RC2",
|
||||
PkcsObjectIdentifiers.RC2Cbc,
|
||||
PkcsObjectIdentifiers.IdAlgCmsRC2Wrap);
|
||||
AddAlgorithm("RC4",
|
||||
"ARC4",
|
||||
"1.2.840.113549.3.4");
|
||||
AddAlgorithm("RC5",
|
||||
"RC5-32");
|
||||
AddAlgorithm("RC5-64");
|
||||
AddAlgorithm("RC6");
|
||||
AddAlgorithm("RIJNDAEL");
|
||||
AddAlgorithm("SALSA20");
|
||||
AddAlgorithm("SEED",
|
||||
KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap,
|
||||
KisaObjectIdentifiers.IdSeedCbc);
|
||||
AddAlgorithm("SERPENT");
|
||||
AddAlgorithm("SKIPJACK");
|
||||
AddAlgorithm("TEA");
|
||||
AddAlgorithm("TWOFISH");
|
||||
AddAlgorithm("VMPC");
|
||||
AddAlgorithm("VMPC-KSA3");
|
||||
AddAlgorithm("XTEA");
|
||||
}
|
||||
|
||||
private static void AddAlgorithm(
|
||||
string canonicalName,
|
||||
params object[] aliases)
|
||||
{
|
||||
algorithms[canonicalName] = canonicalName;
|
||||
|
||||
foreach (object alias in aliases)
|
||||
{
|
||||
algorithms[alias.ToString()] = canonicalName;
|
||||
}
|
||||
}
|
||||
|
||||
public static string GetCanonicalAlgorithmName(
|
||||
string algorithm)
|
||||
{
|
||||
return (string) algorithms[algorithm.ToUpper(CultureInfo.InvariantCulture)];
|
||||
}
|
||||
|
||||
public static KeyParameter CreateKeyParameter(
|
||||
DerObjectIdentifier algOid,
|
||||
byte[] keyBytes)
|
||||
{
|
||||
return CreateKeyParameter(algOid.Id, keyBytes, 0, keyBytes.Length);
|
||||
}
|
||||
|
||||
public static KeyParameter CreateKeyParameter(
|
||||
string algorithm,
|
||||
byte[] keyBytes)
|
||||
{
|
||||
return CreateKeyParameter(algorithm, keyBytes, 0, keyBytes.Length);
|
||||
}
|
||||
|
||||
public static KeyParameter CreateKeyParameter(
|
||||
DerObjectIdentifier algOid,
|
||||
byte[] keyBytes,
|
||||
int offset,
|
||||
int length)
|
||||
{
|
||||
return CreateKeyParameter(algOid.Id, keyBytes, offset, length);
|
||||
}
|
||||
|
||||
public static KeyParameter CreateKeyParameter(
|
||||
string algorithm,
|
||||
byte[] keyBytes,
|
||||
int offset,
|
||||
int length)
|
||||
{
|
||||
if (algorithm == null)
|
||||
throw new ArgumentNullException("algorithm");
|
||||
|
||||
string canonical = GetCanonicalAlgorithmName(algorithm);
|
||||
|
||||
if (canonical == null)
|
||||
throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised.");
|
||||
|
||||
switch (canonical)
|
||||
{
|
||||
case "DES":
|
||||
return new DesParameters(keyBytes, offset, length);
|
||||
case "DESEDE":
|
||||
case "DESEDE3":
|
||||
return new DesEdeParameters(keyBytes, offset, length);
|
||||
case "RC2":
|
||||
return new RC2Parameters(keyBytes, offset, length);
|
||||
default:
|
||||
return new KeyParameter(keyBytes, offset, length);
|
||||
}
|
||||
}
|
||||
|
||||
public static ICipherParameters GetCipherParameters(
|
||||
DerObjectIdentifier algOid,
|
||||
ICipherParameters key,
|
||||
Asn1Object asn1Params)
|
||||
{
|
||||
return GetCipherParameters(algOid.Id, key, asn1Params);
|
||||
}
|
||||
|
||||
public static ICipherParameters GetCipherParameters(
|
||||
string algorithm,
|
||||
ICipherParameters key,
|
||||
Asn1Object asn1Params)
|
||||
{
|
||||
if (algorithm == null)
|
||||
throw new ArgumentNullException("algorithm");
|
||||
|
||||
string canonical = GetCanonicalAlgorithmName(algorithm);
|
||||
|
||||
if (canonical == null)
|
||||
throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised.");
|
||||
|
||||
byte[] iv = null;
|
||||
|
||||
try
|
||||
{
|
||||
switch (canonical)
|
||||
{
|
||||
case "AES":
|
||||
case "AES128":
|
||||
case "AES192":
|
||||
case "AES256":
|
||||
case "BLOWFISH":
|
||||
case "CAMELLIA":
|
||||
case "CAMELLIA128":
|
||||
case "CAMELLIA192":
|
||||
case "CAMELLIA256":
|
||||
case "DES":
|
||||
case "DESEDE":
|
||||
case "DESEDE3":
|
||||
case "NOEKEON":
|
||||
case "RIJNDAEL":
|
||||
case "SEED":
|
||||
case "SKIPJACK":
|
||||
case "TWOFISH":
|
||||
iv = ((Asn1OctetString) asn1Params).GetOctets();
|
||||
break;
|
||||
case "RC2":
|
||||
iv = RC2CbcParameter.GetInstance(asn1Params).GetIV();
|
||||
break;
|
||||
case "IDEA":
|
||||
iv = IdeaCbcPar.GetInstance(asn1Params).GetIV();
|
||||
break;
|
||||
case "CAST5":
|
||||
iv = Cast5CbcParameters.GetInstance(asn1Params).GetIV();
|
||||
break;
|
||||
}
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
throw new ArgumentException("Could not process ASN.1 parameters", e);
|
||||
}
|
||||
|
||||
if (iv != null)
|
||||
{
|
||||
return new ParametersWithIV(key, iv);
|
||||
}
|
||||
|
||||
throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised.");
|
||||
}
|
||||
|
||||
public static Asn1Encodable GenerateParameters(
|
||||
DerObjectIdentifier algID,
|
||||
SecureRandom random)
|
||||
{
|
||||
return GenerateParameters(algID.Id, random);
|
||||
}
|
||||
|
||||
public static Asn1Encodable GenerateParameters(
|
||||
string algorithm,
|
||||
SecureRandom random)
|
||||
{
|
||||
if (algorithm == null)
|
||||
throw new ArgumentNullException("algorithm");
|
||||
|
||||
string canonical = GetCanonicalAlgorithmName(algorithm);
|
||||
|
||||
if (canonical == null)
|
||||
throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised.");
|
||||
|
||||
switch (canonical)
|
||||
{
|
||||
// TODO These algorithms support an IV (see GetCipherParameters)
|
||||
// but JCE doesn't seem to provide an AlgorithmParametersGenerator for them
|
||||
// case "BLOWFISH":
|
||||
// case "RIJNDAEL":
|
||||
// case "SKIPJACK":
|
||||
// case "TWOFISH":
|
||||
|
||||
case "AES":
|
||||
case "AES128":
|
||||
case "AES192":
|
||||
case "AES256":
|
||||
return CreateIVOctetString(random, 16);
|
||||
case "CAMELLIA":
|
||||
case "CAMELLIA128":
|
||||
case "CAMELLIA192":
|
||||
case "CAMELLIA256":
|
||||
return CreateIVOctetString(random, 16);
|
||||
case "CAST5":
|
||||
return new Cast5CbcParameters(CreateIV(random, 8), 128);
|
||||
case "DES":
|
||||
case "DESEDE":
|
||||
case "DESEDE3":
|
||||
return CreateIVOctetString(random, 8);
|
||||
case "IDEA":
|
||||
return new IdeaCbcPar(CreateIV(random, 8));
|
||||
case "NOEKEON":
|
||||
return CreateIVOctetString(random, 16);
|
||||
case "RC2":
|
||||
return new RC2CbcParameter(CreateIV(random, 8));
|
||||
case "SEED":
|
||||
return CreateIVOctetString(random, 16);
|
||||
}
|
||||
|
||||
throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised.");
|
||||
}
|
||||
|
||||
private static Asn1OctetString CreateIVOctetString(
|
||||
SecureRandom random,
|
||||
int ivLength)
|
||||
{
|
||||
return new DerOctetString(CreateIV(random, ivLength));
|
||||
}
|
||||
|
||||
private static byte[] CreateIV(
|
||||
SecureRandom random,
|
||||
int ivLength)
|
||||
{
|
||||
byte[] iv = new byte[ivLength];
|
||||
random.NextBytes(iv);
|
||||
return iv;
|
||||
}
|
||||
}
|
||||
}
|
||||
using System;
|
||||
using System.Collections;
|
||||
using System.Globalization;
|
||||
|
||||
using Org.BouncyCastle.Asn1;
|
||||
using Org.BouncyCastle.Asn1.CryptoPro;
|
||||
using Org.BouncyCastle.Asn1.Kisa;
|
||||
using Org.BouncyCastle.Asn1.Misc;
|
||||
using Org.BouncyCastle.Asn1.Nist;
|
||||
using Org.BouncyCastle.Asn1.Ntt;
|
||||
using Org.BouncyCastle.Asn1.Oiw;
|
||||
using Org.BouncyCastle.Asn1.Pkcs;
|
||||
using Org.BouncyCastle.Crypto;
|
||||
using Org.BouncyCastle.Crypto.Parameters;
|
||||
|
||||
namespace Org.BouncyCastle.Security
|
||||
{
|
||||
public sealed class ParameterUtilities
|
||||
{
|
||||
private ParameterUtilities()
|
||||
{
|
||||
}
|
||||
|
||||
private static readonly Hashtable algorithms = new Hashtable();
|
||||
|
||||
static ParameterUtilities()
|
||||
{
|
||||
AddAlgorithm("AES",
|
||||
"AESWRAP");
|
||||
AddAlgorithm("AES128",
|
||||
"2.16.840.1.101.3.4.2",
|
||||
NistObjectIdentifiers.IdAes128Cbc,
|
||||
NistObjectIdentifiers.IdAes128Cfb,
|
||||
NistObjectIdentifiers.IdAes128Ecb,
|
||||
NistObjectIdentifiers.IdAes128Ofb,
|
||||
NistObjectIdentifiers.IdAes128Wrap);
|
||||
AddAlgorithm("AES192",
|
||||
"2.16.840.1.101.3.4.22",
|
||||
NistObjectIdentifiers.IdAes192Cbc,
|
||||
NistObjectIdentifiers.IdAes192Cfb,
|
||||
NistObjectIdentifiers.IdAes192Ecb,
|
||||
NistObjectIdentifiers.IdAes192Ofb,
|
||||
NistObjectIdentifiers.IdAes192Wrap);
|
||||
AddAlgorithm("AES256",
|
||||
"2.16.840.1.101.3.4.42",
|
||||
NistObjectIdentifiers.IdAes256Cbc,
|
||||
NistObjectIdentifiers.IdAes256Cfb,
|
||||
NistObjectIdentifiers.IdAes256Ecb,
|
||||
NistObjectIdentifiers.IdAes256Ofb,
|
||||
NistObjectIdentifiers.IdAes256Wrap);
|
||||
AddAlgorithm("BLOWFISH",
|
||||
"1.3.6.1.4.1.3029.1.2");
|
||||
AddAlgorithm("CAMELLIA",
|
||||
"CAMELLIAWRAP");
|
||||
AddAlgorithm("CAMELLIA128",
|
||||
NttObjectIdentifiers.IdCamellia128Cbc,
|
||||
NttObjectIdentifiers.IdCamellia128Wrap);
|
||||
AddAlgorithm("CAMELLIA192",
|
||||
NttObjectIdentifiers.IdCamellia192Cbc,
|
||||
NttObjectIdentifiers.IdCamellia192Wrap);
|
||||
AddAlgorithm("CAMELLIA256",
|
||||
NttObjectIdentifiers.IdCamellia256Cbc,
|
||||
NttObjectIdentifiers.IdCamellia256Wrap);
|
||||
AddAlgorithm("CAST5",
|
||||
"1.2.840.113533.7.66.10");
|
||||
AddAlgorithm("CAST6");
|
||||
AddAlgorithm("DES",
|
||||
OiwObjectIdentifiers.DesCbc,
|
||||
OiwObjectIdentifiers.DesCfb,
|
||||
OiwObjectIdentifiers.DesEcb,
|
||||
OiwObjectIdentifiers.DesOfb);
|
||||
AddAlgorithm("DESEDE",
|
||||
"DESEDEWRAP",
|
||||
OiwObjectIdentifiers.DesEde,
|
||||
PkcsObjectIdentifiers.IdAlgCms3DesWrap);
|
||||
AddAlgorithm("DESEDE3",
|
||||
PkcsObjectIdentifiers.DesEde3Cbc);
|
||||
AddAlgorithm("GOST28147",
|
||||
"GOST",
|
||||
"GOST-28147",
|
||||
CryptoProObjectIdentifiers.GostR28147Cbc);
|
||||
AddAlgorithm("HC128");
|
||||
AddAlgorithm("HC256");
|
||||
AddAlgorithm("IDEA",
|
||||
"1.3.6.1.4.1.188.7.1.1.2");
|
||||
AddAlgorithm("NOEKEON");
|
||||
AddAlgorithm("RC2",
|
||||
PkcsObjectIdentifiers.RC2Cbc,
|
||||
PkcsObjectIdentifiers.IdAlgCmsRC2Wrap);
|
||||
AddAlgorithm("RC4",
|
||||
"ARC4",
|
||||
"1.2.840.113549.3.4");
|
||||
AddAlgorithm("RC5",
|
||||
"RC5-32");
|
||||
AddAlgorithm("RC5-64");
|
||||
AddAlgorithm("RC6");
|
||||
AddAlgorithm("RIJNDAEL");
|
||||
AddAlgorithm("SALSA20");
|
||||
AddAlgorithm("SEED",
|
||||
KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap,
|
||||
KisaObjectIdentifiers.IdSeedCbc);
|
||||
AddAlgorithm("SERPENT");
|
||||
AddAlgorithm("SKIPJACK");
|
||||
AddAlgorithm("TEA");
|
||||
AddAlgorithm("TWOFISH");
|
||||
AddAlgorithm("VMPC");
|
||||
AddAlgorithm("VMPC-KSA3");
|
||||
AddAlgorithm("XTEA");
|
||||
}
|
||||
|
||||
private static void AddAlgorithm(
|
||||
string canonicalName,
|
||||
params object[] aliases)
|
||||
{
|
||||
algorithms[canonicalName] = canonicalName;
|
||||
|
||||
foreach (object alias in aliases)
|
||||
{
|
||||
algorithms[alias.ToString()] = canonicalName;
|
||||
}
|
||||
}
|
||||
|
||||
public static string GetCanonicalAlgorithmName(
|
||||
string algorithm)
|
||||
{
|
||||
return (string) algorithms[algorithm.ToUpper(CultureInfo.InvariantCulture)];
|
||||
}
|
||||
|
||||
public static KeyParameter CreateKeyParameter(
|
||||
DerObjectIdentifier algOid,
|
||||
byte[] keyBytes)
|
||||
{
|
||||
return CreateKeyParameter(algOid.Id, keyBytes, 0, keyBytes.Length);
|
||||
}
|
||||
|
||||
public static KeyParameter CreateKeyParameter(
|
||||
string algorithm,
|
||||
byte[] keyBytes)
|
||||
{
|
||||
return CreateKeyParameter(algorithm, keyBytes, 0, keyBytes.Length);
|
||||
}
|
||||
|
||||
public static KeyParameter CreateKeyParameter(
|
||||
DerObjectIdentifier algOid,
|
||||
byte[] keyBytes,
|
||||
int offset,
|
||||
int length)
|
||||
{
|
||||
return CreateKeyParameter(algOid.Id, keyBytes, offset, length);
|
||||
}
|
||||
|
||||
public static KeyParameter CreateKeyParameter(
|
||||
string algorithm,
|
||||
byte[] keyBytes,
|
||||
int offset,
|
||||
int length)
|
||||
{
|
||||
if (algorithm == null)
|
||||
throw new ArgumentNullException("algorithm");
|
||||
|
||||
string canonical = GetCanonicalAlgorithmName(algorithm);
|
||||
|
||||
if (canonical == null)
|
||||
throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised.");
|
||||
|
||||
switch (canonical)
|
||||
{
|
||||
case "DES":
|
||||
return new DesParameters(keyBytes, offset, length);
|
||||
case "DESEDE":
|
||||
case "DESEDE3":
|
||||
return new DesEdeParameters(keyBytes, offset, length);
|
||||
case "RC2":
|
||||
return new RC2Parameters(keyBytes, offset, length);
|
||||
default:
|
||||
return new KeyParameter(keyBytes, offset, length);
|
||||
}
|
||||
}
|
||||
|
||||
public static ICipherParameters GetCipherParameters(
|
||||
DerObjectIdentifier algOid,
|
||||
ICipherParameters key,
|
||||
Asn1Object asn1Params)
|
||||
{
|
||||
return GetCipherParameters(algOid.Id, key, asn1Params);
|
||||
}
|
||||
|
||||
public static ICipherParameters GetCipherParameters(
|
||||
string algorithm,
|
||||
ICipherParameters key,
|
||||
Asn1Object asn1Params)
|
||||
{
|
||||
if (algorithm == null)
|
||||
throw new ArgumentNullException("algorithm");
|
||||
|
||||
string canonical = GetCanonicalAlgorithmName(algorithm);
|
||||
|
||||
if (canonical == null)
|
||||
throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised.");
|
||||
|
||||
byte[] iv = null;
|
||||
|
||||
try
|
||||
{
|
||||
switch (canonical)
|
||||
{
|
||||
case "AES":
|
||||
case "AES128":
|
||||
case "AES192":
|
||||
case "AES256":
|
||||
case "BLOWFISH":
|
||||
case "CAMELLIA":
|
||||
case "CAMELLIA128":
|
||||
case "CAMELLIA192":
|
||||
case "CAMELLIA256":
|
||||
case "DES":
|
||||
case "DESEDE":
|
||||
case "DESEDE3":
|
||||
case "NOEKEON":
|
||||
case "RIJNDAEL":
|
||||
case "SEED":
|
||||
case "SKIPJACK":
|
||||
case "TWOFISH":
|
||||
iv = ((Asn1OctetString) asn1Params).GetOctets();
|
||||
break;
|
||||
case "RC2":
|
||||
iv = RC2CbcParameter.GetInstance(asn1Params).GetIV();
|
||||
break;
|
||||
case "IDEA":
|
||||
iv = IdeaCbcPar.GetInstance(asn1Params).GetIV();
|
||||
break;
|
||||
case "CAST5":
|
||||
iv = Cast5CbcParameters.GetInstance(asn1Params).GetIV();
|
||||
break;
|
||||
}
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
throw new ArgumentException("Could not process ASN.1 parameters", e);
|
||||
}
|
||||
|
||||
if (iv != null)
|
||||
{
|
||||
return new ParametersWithIV(key, iv);
|
||||
}
|
||||
|
||||
throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised.");
|
||||
}
|
||||
|
||||
public static Asn1Encodable GenerateParameters(
|
||||
DerObjectIdentifier algID,
|
||||
SecureRandom random)
|
||||
{
|
||||
return GenerateParameters(algID.Id, random);
|
||||
}
|
||||
|
||||
public static Asn1Encodable GenerateParameters(
|
||||
string algorithm,
|
||||
SecureRandom random)
|
||||
{
|
||||
if (algorithm == null)
|
||||
throw new ArgumentNullException("algorithm");
|
||||
|
||||
string canonical = GetCanonicalAlgorithmName(algorithm);
|
||||
|
||||
if (canonical == null)
|
||||
throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised.");
|
||||
|
||||
switch (canonical)
|
||||
{
|
||||
// TODO These algorithms support an IV (see GetCipherParameters)
|
||||
// but JCE doesn't seem to provide an AlgorithmParametersGenerator for them
|
||||
// case "RIJNDAEL":
|
||||
// case "SKIPJACK":
|
||||
// case "TWOFISH":
|
||||
|
||||
case "AES":
|
||||
case "AES128":
|
||||
case "AES192":
|
||||
case "AES256":
|
||||
return CreateIVOctetString(random, 16);
|
||||
case "BLOWFISH":
|
||||
return CreateIVOctetString(random, 8);
|
||||
case "CAMELLIA":
|
||||
case "CAMELLIA128":
|
||||
case "CAMELLIA192":
|
||||
case "CAMELLIA256":
|
||||
return CreateIVOctetString(random, 16);
|
||||
case "CAST5":
|
||||
return new Cast5CbcParameters(CreateIV(random, 8), 128);
|
||||
case "DES":
|
||||
case "DESEDE":
|
||||
case "DESEDE3":
|
||||
return CreateIVOctetString(random, 8);
|
||||
case "IDEA":
|
||||
return new IdeaCbcPar(CreateIV(random, 8));
|
||||
case "NOEKEON":
|
||||
return CreateIVOctetString(random, 16);
|
||||
case "RC2":
|
||||
return new RC2CbcParameter(CreateIV(random, 8));
|
||||
case "SEED":
|
||||
return CreateIVOctetString(random, 16);
|
||||
}
|
||||
|
||||
throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised.");
|
||||
}
|
||||
|
||||
private static Asn1OctetString CreateIVOctetString(
|
||||
SecureRandom random,
|
||||
int ivLength)
|
||||
{
|
||||
return new DerOctetString(CreateIV(random, ivLength));
|
||||
}
|
||||
|
||||
private static byte[] CreateIV(
|
||||
SecureRandom random,
|
||||
int ivLength)
|
||||
{
|
||||
byte[] iv = new byte[ivLength];
|
||||
random.NextBytes(iv);
|
||||
return iv;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -47,7 +47,11 @@ namespace Org.BouncyCastle.Security
|
|||
AlgorithmIdentifier algID = keyInfo.AlgorithmID;
|
||||
DerObjectIdentifier algOid = algID.ObjectID;
|
||||
|
||||
if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption))
|
||||
// TODO See RSAUtil.isRsaOid in Java build
|
||||
if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption)
|
||||
|| algOid.Equals(X509ObjectIdentifiers.IdEARsa)
|
||||
|| algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss)
|
||||
|| algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep))
|
||||
{
|
||||
RsaPrivateKeyStructure keyStructure = new RsaPrivateKeyStructure(
|
||||
Asn1Sequence.GetInstance(keyInfo.PrivateKey));
|
||||
|
|
|
@ -47,8 +47,11 @@ namespace Org.BouncyCastle.Security
|
|||
AlgorithmIdentifier algID = keyInfo.AlgorithmID;
|
||||
DerObjectIdentifier algOid = algID.ObjectID;
|
||||
|
||||
// TODO See RSAUtil.isRsaOid in Java build
|
||||
if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption)
|
||||
|| algOid.Equals(X509ObjectIdentifiers.IdEARsa))
|
||||
|| algOid.Equals(X509ObjectIdentifiers.IdEARsa)
|
||||
|| algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss)
|
||||
|| algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep))
|
||||
{
|
||||
RsaPublicKeyStructure pubKey = RsaPublicKeyStructure.GetInstance(
|
||||
keyInfo.GetPublicKey());
|
||||
|
|
Loading…
Reference in New Issue