init commit
This commit is contained in:
@@ -0,0 +1,384 @@
|
||||
using System;
|
||||
using System.Collections;
|
||||
using Org.BouncyCastle.Asn1;
|
||||
using Org.BouncyCastle.Asn1.CryptoPro;
|
||||
using Org.BouncyCastle.Asn1.Eac;
|
||||
using Org.BouncyCastle.Asn1.Nist;
|
||||
using Org.BouncyCastle.Asn1.Oiw;
|
||||
using Org.BouncyCastle.Asn1.Pkcs;
|
||||
using Org.BouncyCastle.Asn1.TeleTrust;
|
||||
using Org.BouncyCastle.Asn1.X509;
|
||||
using Org.BouncyCastle.Asn1.X9;
|
||||
using Org.BouncyCastle.Crypto;
|
||||
using Org.BouncyCastle.Crypto.Parameters;
|
||||
using Org.BouncyCastle.Security;
|
||||
using Org.BouncyCastle.Utilities;
|
||||
using Org.BouncyCastle.Utilities.Collections;
|
||||
using Org.BouncyCastle.X509;
|
||||
using Org.BouncyCastle.X509.Store;
|
||||
|
||||
namespace Org.BouncyCastle.Cms;
|
||||
|
||||
internal class CmsSignedHelper
|
||||
{
|
||||
internal static readonly CmsSignedHelper Instance;
|
||||
|
||||
private static readonly string EncryptionECDsaWithSha1;
|
||||
|
||||
private static readonly string EncryptionECDsaWithSha224;
|
||||
|
||||
private static readonly string EncryptionECDsaWithSha256;
|
||||
|
||||
private static readonly string EncryptionECDsaWithSha384;
|
||||
|
||||
private static readonly string EncryptionECDsaWithSha512;
|
||||
|
||||
private static readonly IDictionary encryptionAlgs;
|
||||
|
||||
private static readonly IDictionary digestAlgs;
|
||||
|
||||
private static readonly IDictionary digestAliases;
|
||||
|
||||
private static readonly ISet noParams;
|
||||
|
||||
private static readonly IDictionary ecAlgorithms;
|
||||
|
||||
private static void AddEntries(DerObjectIdentifier oid, string digest, string encryption)
|
||||
{
|
||||
string id = oid.Id;
|
||||
digestAlgs.Add(id, digest);
|
||||
encryptionAlgs.Add(id, encryption);
|
||||
}
|
||||
|
||||
static CmsSignedHelper()
|
||||
{
|
||||
Instance = new CmsSignedHelper();
|
||||
EncryptionECDsaWithSha1 = X9ObjectIdentifiers.ECDsaWithSha1.Id;
|
||||
EncryptionECDsaWithSha224 = X9ObjectIdentifiers.ECDsaWithSha224.Id;
|
||||
EncryptionECDsaWithSha256 = X9ObjectIdentifiers.ECDsaWithSha256.Id;
|
||||
EncryptionECDsaWithSha384 = X9ObjectIdentifiers.ECDsaWithSha384.Id;
|
||||
EncryptionECDsaWithSha512 = X9ObjectIdentifiers.ECDsaWithSha512.Id;
|
||||
encryptionAlgs = Platform.CreateHashtable();
|
||||
digestAlgs = Platform.CreateHashtable();
|
||||
digestAliases = Platform.CreateHashtable();
|
||||
noParams = new HashSet();
|
||||
ecAlgorithms = Platform.CreateHashtable();
|
||||
AddEntries(NistObjectIdentifiers.DsaWithSha224, "SHA224", "DSA");
|
||||
AddEntries(NistObjectIdentifiers.DsaWithSha256, "SHA256", "DSA");
|
||||
AddEntries(NistObjectIdentifiers.DsaWithSha384, "SHA384", "DSA");
|
||||
AddEntries(NistObjectIdentifiers.DsaWithSha512, "SHA512", "DSA");
|
||||
AddEntries(OiwObjectIdentifiers.DsaWithSha1, "SHA1", "DSA");
|
||||
AddEntries(OiwObjectIdentifiers.MD4WithRsa, "MD4", "RSA");
|
||||
AddEntries(OiwObjectIdentifiers.MD4WithRsaEncryption, "MD4", "RSA");
|
||||
AddEntries(OiwObjectIdentifiers.MD5WithRsa, "MD5", "RSA");
|
||||
AddEntries(OiwObjectIdentifiers.Sha1WithRsa, "SHA1", "RSA");
|
||||
AddEntries(PkcsObjectIdentifiers.MD2WithRsaEncryption, "MD2", "RSA");
|
||||
AddEntries(PkcsObjectIdentifiers.MD4WithRsaEncryption, "MD4", "RSA");
|
||||
AddEntries(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5", "RSA");
|
||||
AddEntries(PkcsObjectIdentifiers.Sha1WithRsaEncryption, "SHA1", "RSA");
|
||||
AddEntries(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224", "RSA");
|
||||
AddEntries(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256", "RSA");
|
||||
AddEntries(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384", "RSA");
|
||||
AddEntries(PkcsObjectIdentifiers.Sha512WithRsaEncryption, "SHA512", "RSA");
|
||||
AddEntries(X9ObjectIdentifiers.ECDsaWithSha1, "SHA1", "ECDSA");
|
||||
AddEntries(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224", "ECDSA");
|
||||
AddEntries(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256", "ECDSA");
|
||||
AddEntries(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384", "ECDSA");
|
||||
AddEntries(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512", "ECDSA");
|
||||
AddEntries(X9ObjectIdentifiers.IdDsaWithSha1, "SHA1", "DSA");
|
||||
AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_1, "SHA1", "ECDSA");
|
||||
AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_224, "SHA224", "ECDSA");
|
||||
AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_256, "SHA256", "ECDSA");
|
||||
AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_384, "SHA384", "ECDSA");
|
||||
AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_512, "SHA512", "ECDSA");
|
||||
AddEntries(EacObjectIdentifiers.id_TA_RSA_v1_5_SHA_1, "SHA1", "RSA");
|
||||
AddEntries(EacObjectIdentifiers.id_TA_RSA_v1_5_SHA_256, "SHA256", "RSA");
|
||||
AddEntries(EacObjectIdentifiers.id_TA_RSA_PSS_SHA_1, "SHA1", "RSAandMGF1");
|
||||
AddEntries(EacObjectIdentifiers.id_TA_RSA_PSS_SHA_256, "SHA256", "RSAandMGF1");
|
||||
encryptionAlgs.Add(X9ObjectIdentifiers.IdDsa.Id, "DSA");
|
||||
encryptionAlgs.Add(PkcsObjectIdentifiers.RsaEncryption.Id, "RSA");
|
||||
encryptionAlgs.Add(TeleTrusTObjectIdentifiers.TeleTrusTRsaSignatureAlgorithm, "RSA");
|
||||
encryptionAlgs.Add(X509ObjectIdentifiers.IdEARsa.Id, "RSA");
|
||||
encryptionAlgs.Add(CmsSignedGenerator.EncryptionRsaPss, "RSAandMGF1");
|
||||
encryptionAlgs.Add(CryptoProObjectIdentifiers.GostR3410x94.Id, "GOST3410");
|
||||
encryptionAlgs.Add(CryptoProObjectIdentifiers.GostR3410x2001.Id, "ECGOST3410");
|
||||
encryptionAlgs.Add("1.3.6.1.4.1.5849.1.6.2", "ECGOST3410");
|
||||
encryptionAlgs.Add("1.3.6.1.4.1.5849.1.1.5", "GOST3410");
|
||||
digestAlgs.Add(PkcsObjectIdentifiers.MD2.Id, "MD2");
|
||||
digestAlgs.Add(PkcsObjectIdentifiers.MD4.Id, "MD4");
|
||||
digestAlgs.Add(PkcsObjectIdentifiers.MD5.Id, "MD5");
|
||||
digestAlgs.Add(OiwObjectIdentifiers.IdSha1.Id, "SHA1");
|
||||
digestAlgs.Add(NistObjectIdentifiers.IdSha224.Id, "SHA224");
|
||||
digestAlgs.Add(NistObjectIdentifiers.IdSha256.Id, "SHA256");
|
||||
digestAlgs.Add(NistObjectIdentifiers.IdSha384.Id, "SHA384");
|
||||
digestAlgs.Add(NistObjectIdentifiers.IdSha512.Id, "SHA512");
|
||||
digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD128.Id, "RIPEMD128");
|
||||
digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD160.Id, "RIPEMD160");
|
||||
digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD256.Id, "RIPEMD256");
|
||||
digestAlgs.Add(CryptoProObjectIdentifiers.GostR3411.Id, "GOST3411");
|
||||
digestAlgs.Add("1.3.6.1.4.1.5849.1.2.1", "GOST3411");
|
||||
digestAliases.Add("SHA1", new string[1] { "SHA-1" });
|
||||
digestAliases.Add("SHA224", new string[1] { "SHA-224" });
|
||||
digestAliases.Add("SHA256", new string[1] { "SHA-256" });
|
||||
digestAliases.Add("SHA384", new string[1] { "SHA-384" });
|
||||
digestAliases.Add("SHA512", new string[1] { "SHA-512" });
|
||||
noParams.Add(CmsSignedGenerator.EncryptionDsa);
|
||||
noParams.Add(EncryptionECDsaWithSha1);
|
||||
noParams.Add(EncryptionECDsaWithSha224);
|
||||
noParams.Add(EncryptionECDsaWithSha256);
|
||||
noParams.Add(EncryptionECDsaWithSha384);
|
||||
noParams.Add(EncryptionECDsaWithSha512);
|
||||
ecAlgorithms.Add(CmsSignedGenerator.DigestSha1, EncryptionECDsaWithSha1);
|
||||
ecAlgorithms.Add(CmsSignedGenerator.DigestSha224, EncryptionECDsaWithSha224);
|
||||
ecAlgorithms.Add(CmsSignedGenerator.DigestSha256, EncryptionECDsaWithSha256);
|
||||
ecAlgorithms.Add(CmsSignedGenerator.DigestSha384, EncryptionECDsaWithSha384);
|
||||
ecAlgorithms.Add(CmsSignedGenerator.DigestSha512, EncryptionECDsaWithSha512);
|
||||
}
|
||||
|
||||
internal string GetDigestAlgName(string digestAlgOid)
|
||||
{
|
||||
string text = (string)digestAlgs[digestAlgOid];
|
||||
if (text != null)
|
||||
{
|
||||
return text;
|
||||
}
|
||||
return digestAlgOid;
|
||||
}
|
||||
|
||||
internal AlgorithmIdentifier GetEncAlgorithmIdentifier(DerObjectIdentifier encOid, Asn1Encodable sigX509Parameters)
|
||||
{
|
||||
if (noParams.Contains(encOid.Id))
|
||||
{
|
||||
return new AlgorithmIdentifier(encOid);
|
||||
}
|
||||
return new AlgorithmIdentifier(encOid, sigX509Parameters);
|
||||
}
|
||||
|
||||
internal string[] GetDigestAliases(string algName)
|
||||
{
|
||||
string[] array = (string[])digestAliases[algName];
|
||||
if (array != null)
|
||||
{
|
||||
return (string[])array.Clone();
|
||||
}
|
||||
return new string[0];
|
||||
}
|
||||
|
||||
internal string GetEncryptionAlgName(string encryptionAlgOid)
|
||||
{
|
||||
string text = (string)encryptionAlgs[encryptionAlgOid];
|
||||
if (text != null)
|
||||
{
|
||||
return text;
|
||||
}
|
||||
return encryptionAlgOid;
|
||||
}
|
||||
|
||||
internal IDigest GetDigestInstance(string algorithm)
|
||||
{
|
||||
try
|
||||
{
|
||||
return DigestUtilities.GetDigest(algorithm);
|
||||
}
|
||||
catch (SecurityUtilityException ex)
|
||||
{
|
||||
string[] array = GetDigestAliases(algorithm);
|
||||
foreach (string algorithm2 in array)
|
||||
{
|
||||
try
|
||||
{
|
||||
return DigestUtilities.GetDigest(algorithm2);
|
||||
}
|
||||
catch (SecurityUtilityException)
|
||||
{
|
||||
}
|
||||
}
|
||||
throw ex;
|
||||
}
|
||||
}
|
||||
|
||||
internal ISigner GetSignatureInstance(string algorithm)
|
||||
{
|
||||
return SignerUtilities.GetSigner(algorithm);
|
||||
}
|
||||
|
||||
internal IX509Store CreateAttributeStore(string type, Asn1Set certSet)
|
||||
{
|
||||
IList list = Platform.CreateArrayList();
|
||||
if (certSet != null)
|
||||
{
|
||||
foreach (Asn1Encodable item in certSet)
|
||||
{
|
||||
try
|
||||
{
|
||||
Asn1Object asn1Object = item.ToAsn1Object();
|
||||
if (asn1Object is Asn1TaggedObject)
|
||||
{
|
||||
Asn1TaggedObject asn1TaggedObject = (Asn1TaggedObject)asn1Object;
|
||||
if (asn1TaggedObject.TagNo == 2)
|
||||
{
|
||||
list.Add(new X509V2AttributeCertificate(Asn1Sequence.GetInstance(asn1TaggedObject, explicitly: false).GetEncoded()));
|
||||
}
|
||||
}
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
throw new CmsException("can't re-encode attribute certificate!", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
try
|
||||
{
|
||||
return X509StoreFactory.Create("AttributeCertificate/" + type, new X509CollectionStoreParameters(list));
|
||||
}
|
||||
catch (ArgumentException e2)
|
||||
{
|
||||
throw new CmsException("can't setup the X509Store", e2);
|
||||
}
|
||||
}
|
||||
|
||||
internal IX509Store CreateCertificateStore(string type, Asn1Set certSet)
|
||||
{
|
||||
IList list = Platform.CreateArrayList();
|
||||
if (certSet != null)
|
||||
{
|
||||
AddCertsFromSet(list, certSet);
|
||||
}
|
||||
try
|
||||
{
|
||||
return X509StoreFactory.Create("Certificate/" + type, new X509CollectionStoreParameters(list));
|
||||
}
|
||||
catch (ArgumentException e)
|
||||
{
|
||||
throw new CmsException("can't setup the X509Store", e);
|
||||
}
|
||||
}
|
||||
|
||||
internal IX509Store CreateCrlStore(string type, Asn1Set crlSet)
|
||||
{
|
||||
IList list = Platform.CreateArrayList();
|
||||
if (crlSet != null)
|
||||
{
|
||||
AddCrlsFromSet(list, crlSet);
|
||||
}
|
||||
try
|
||||
{
|
||||
return X509StoreFactory.Create("CRL/" + type, new X509CollectionStoreParameters(list));
|
||||
}
|
||||
catch (ArgumentException e)
|
||||
{
|
||||
throw new CmsException("can't setup the X509Store", e);
|
||||
}
|
||||
}
|
||||
|
||||
private void AddCertsFromSet(IList certs, Asn1Set certSet)
|
||||
{
|
||||
X509CertificateParser x509CertificateParser = new X509CertificateParser();
|
||||
foreach (Asn1Encodable item in certSet)
|
||||
{
|
||||
try
|
||||
{
|
||||
Asn1Object asn1Object = item.ToAsn1Object();
|
||||
if (asn1Object is Asn1Sequence)
|
||||
{
|
||||
certs.Add(x509CertificateParser.ReadCertificate(asn1Object.GetEncoded()));
|
||||
}
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
throw new CmsException("can't re-encode certificate!", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private void AddCrlsFromSet(IList crls, Asn1Set crlSet)
|
||||
{
|
||||
X509CrlParser x509CrlParser = new X509CrlParser();
|
||||
foreach (Asn1Encodable item in crlSet)
|
||||
{
|
||||
try
|
||||
{
|
||||
crls.Add(x509CrlParser.ReadCrl(item.GetEncoded()));
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
throw new CmsException("can't re-encode CRL!", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
internal AlgorithmIdentifier FixAlgID(AlgorithmIdentifier algId)
|
||||
{
|
||||
if (algId.Parameters == null)
|
||||
{
|
||||
return new AlgorithmIdentifier(algId.Algorithm, DerNull.Instance);
|
||||
}
|
||||
return algId;
|
||||
}
|
||||
|
||||
internal string GetEncOid(AsymmetricKeyParameter key, string digestOID)
|
||||
{
|
||||
string text = null;
|
||||
if (key is RsaKeyParameters)
|
||||
{
|
||||
if (!((RsaKeyParameters)key).IsPrivate)
|
||||
{
|
||||
throw new ArgumentException("Expected RSA private key");
|
||||
}
|
||||
text = CmsSignedGenerator.EncryptionRsa;
|
||||
}
|
||||
else if (key is DsaPrivateKeyParameters)
|
||||
{
|
||||
if (digestOID.Equals(CmsSignedGenerator.DigestSha1))
|
||||
{
|
||||
text = CmsSignedGenerator.EncryptionDsa;
|
||||
}
|
||||
else if (digestOID.Equals(CmsSignedGenerator.DigestSha224))
|
||||
{
|
||||
text = NistObjectIdentifiers.DsaWithSha224.Id;
|
||||
}
|
||||
else if (digestOID.Equals(CmsSignedGenerator.DigestSha256))
|
||||
{
|
||||
text = NistObjectIdentifiers.DsaWithSha256.Id;
|
||||
}
|
||||
else if (digestOID.Equals(CmsSignedGenerator.DigestSha384))
|
||||
{
|
||||
text = NistObjectIdentifiers.DsaWithSha384.Id;
|
||||
}
|
||||
else
|
||||
{
|
||||
if (!digestOID.Equals(CmsSignedGenerator.DigestSha512))
|
||||
{
|
||||
throw new ArgumentException("can't mix DSA with anything but SHA1/SHA2");
|
||||
}
|
||||
text = NistObjectIdentifiers.DsaWithSha512.Id;
|
||||
}
|
||||
}
|
||||
else if (key is ECPrivateKeyParameters)
|
||||
{
|
||||
ECPrivateKeyParameters eCPrivateKeyParameters = (ECPrivateKeyParameters)key;
|
||||
string algorithmName = eCPrivateKeyParameters.AlgorithmName;
|
||||
if (algorithmName == "ECGOST3410")
|
||||
{
|
||||
text = CmsSignedGenerator.EncryptionECGost3410;
|
||||
}
|
||||
else
|
||||
{
|
||||
text = (string)ecAlgorithms[digestOID];
|
||||
if (text == null)
|
||||
{
|
||||
throw new ArgumentException("can't mix ECDSA with anything but SHA family digests");
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if (!(key is Gost3410PrivateKeyParameters))
|
||||
{
|
||||
throw new ArgumentException("Unknown algorithm in CmsSignedGenerator.GetEncOid");
|
||||
}
|
||||
text = CmsSignedGenerator.EncryptionGost3410;
|
||||
}
|
||||
return text;
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user