init commit
This commit is contained in:
@@ -0,0 +1,558 @@
|
||||
using System;
|
||||
using System.Collections;
|
||||
using Org.BouncyCastle.Asn1;
|
||||
using Org.BouncyCastle.Asn1.BC;
|
||||
using Org.BouncyCastle.Asn1.Nist;
|
||||
using Org.BouncyCastle.Asn1.Oiw;
|
||||
using Org.BouncyCastle.Asn1.Pkcs;
|
||||
using Org.BouncyCastle.Asn1.TeleTrust;
|
||||
using Org.BouncyCastle.Asn1.X509;
|
||||
using Org.BouncyCastle.Crypto;
|
||||
using Org.BouncyCastle.Crypto.Digests;
|
||||
using Org.BouncyCastle.Crypto.Generators;
|
||||
using Org.BouncyCastle.Crypto.Parameters;
|
||||
using Org.BouncyCastle.Utilities;
|
||||
|
||||
namespace Org.BouncyCastle.Security;
|
||||
|
||||
public sealed class PbeUtilities
|
||||
{
|
||||
private const string Pkcs5S1 = "Pkcs5S1";
|
||||
|
||||
private const string Pkcs5S2 = "Pkcs5S2";
|
||||
|
||||
private const string Pkcs12 = "Pkcs12";
|
||||
|
||||
private const string OpenSsl = "OpenSsl";
|
||||
|
||||
private static readonly IDictionary algorithms;
|
||||
|
||||
private static readonly IDictionary algorithmType;
|
||||
|
||||
private static readonly IDictionary oids;
|
||||
|
||||
public static ICollection Algorithms => oids.Keys;
|
||||
|
||||
private PbeUtilities()
|
||||
{
|
||||
}
|
||||
|
||||
static PbeUtilities()
|
||||
{
|
||||
algorithms = Platform.CreateHashtable();
|
||||
algorithmType = Platform.CreateHashtable();
|
||||
oids = Platform.CreateHashtable();
|
||||
algorithms["PKCS5SCHEME1"] = "Pkcs5scheme1";
|
||||
algorithms["PKCS5SCHEME2"] = "Pkcs5scheme2";
|
||||
algorithms[PkcsObjectIdentifiers.IdPbeS2.Id] = "Pkcs5scheme2";
|
||||
algorithms["PBEWITHMD2ANDDES-CBC"] = "PBEwithMD2andDES-CBC";
|
||||
algorithms[PkcsObjectIdentifiers.PbeWithMD2AndDesCbc.Id] = "PBEwithMD2andDES-CBC";
|
||||
algorithms["PBEWITHMD2ANDRC2-CBC"] = "PBEwithMD2andRC2-CBC";
|
||||
algorithms[PkcsObjectIdentifiers.PbeWithMD2AndRC2Cbc.Id] = "PBEwithMD2andRC2-CBC";
|
||||
algorithms["PBEWITHMD5ANDDES-CBC"] = "PBEwithMD5andDES-CBC";
|
||||
algorithms[PkcsObjectIdentifiers.PbeWithMD5AndDesCbc.Id] = "PBEwithMD5andDES-CBC";
|
||||
algorithms["PBEWITHMD5ANDRC2-CBC"] = "PBEwithMD5andRC2-CBC";
|
||||
algorithms[PkcsObjectIdentifiers.PbeWithMD5AndRC2Cbc.Id] = "PBEwithMD5andRC2-CBC";
|
||||
algorithms["PBEWITHSHA1ANDDES"] = "PBEwithSHA-1andDES-CBC";
|
||||
algorithms["PBEWITHSHA-1ANDDES"] = "PBEwithSHA-1andDES-CBC";
|
||||
algorithms["PBEWITHSHA1ANDDES-CBC"] = "PBEwithSHA-1andDES-CBC";
|
||||
algorithms["PBEWITHSHA-1ANDDES-CBC"] = "PBEwithSHA-1andDES-CBC";
|
||||
algorithms[PkcsObjectIdentifiers.PbeWithSha1AndDesCbc.Id] = "PBEwithSHA-1andDES-CBC";
|
||||
algorithms["PBEWITHSHA1ANDRC2"] = "PBEwithSHA-1andRC2-CBC";
|
||||
algorithms["PBEWITHSHA-1ANDRC2"] = "PBEwithSHA-1andRC2-CBC";
|
||||
algorithms["PBEWITHSHA1ANDRC2-CBC"] = "PBEwithSHA-1andRC2-CBC";
|
||||
algorithms["PBEWITHSHA-1ANDRC2-CBC"] = "PBEwithSHA-1andRC2-CBC";
|
||||
algorithms[PkcsObjectIdentifiers.PbeWithSha1AndRC2Cbc.Id] = "PBEwithSHA-1andRC2-CBC";
|
||||
algorithms["PKCS12"] = "Pkcs12";
|
||||
algorithms[BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc.Id] = "PBEwithSHA-1and128bitAES-CBC-BC";
|
||||
algorithms[BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc.Id] = "PBEwithSHA-1and192bitAES-CBC-BC";
|
||||
algorithms[BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes256_cbc.Id] = "PBEwithSHA-1and256bitAES-CBC-BC";
|
||||
algorithms[BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes128_cbc.Id] = "PBEwithSHA-256and128bitAES-CBC-BC";
|
||||
algorithms[BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.Id] = "PBEwithSHA-256and192bitAES-CBC-BC";
|
||||
algorithms[BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.Id] = "PBEwithSHA-256and256bitAES-CBC-BC";
|
||||
algorithms["PBEWITHSHAAND128BITRC4"] = "PBEwithSHA-1and128bitRC4";
|
||||
algorithms["PBEWITHSHA1AND128BITRC4"] = "PBEwithSHA-1and128bitRC4";
|
||||
algorithms["PBEWITHSHA-1AND128BITRC4"] = "PBEwithSHA-1and128bitRC4";
|
||||
algorithms[PkcsObjectIdentifiers.PbeWithShaAnd128BitRC4.Id] = "PBEwithSHA-1and128bitRC4";
|
||||
algorithms["PBEWITHSHAAND40BITRC4"] = "PBEwithSHA-1and40bitRC4";
|
||||
algorithms["PBEWITHSHA1AND40BITRC4"] = "PBEwithSHA-1and40bitRC4";
|
||||
algorithms["PBEWITHSHA-1AND40BITRC4"] = "PBEwithSHA-1and40bitRC4";
|
||||
algorithms[PkcsObjectIdentifiers.PbeWithShaAnd40BitRC4.Id] = "PBEwithSHA-1and40bitRC4";
|
||||
algorithms["PBEWITHSHAAND3-KEYDESEDE-CBC"] = "PBEwithSHA-1and3-keyDESEDE-CBC";
|
||||
algorithms["PBEWITHSHAAND3-KEYTRIPLEDES-CBC"] = "PBEwithSHA-1and3-keyDESEDE-CBC";
|
||||
algorithms["PBEWITHSHA1AND3-KEYDESEDE-CBC"] = "PBEwithSHA-1and3-keyDESEDE-CBC";
|
||||
algorithms["PBEWITHSHA1AND3-KEYTRIPLEDES-CBC"] = "PBEwithSHA-1and3-keyDESEDE-CBC";
|
||||
algorithms["PBEWITHSHA-1AND3-KEYDESEDE-CBC"] = "PBEwithSHA-1and3-keyDESEDE-CBC";
|
||||
algorithms["PBEWITHSHA-1AND3-KEYTRIPLEDES-CBC"] = "PBEwithSHA-1and3-keyDESEDE-CBC";
|
||||
algorithms[PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc.Id] = "PBEwithSHA-1and3-keyDESEDE-CBC";
|
||||
algorithms["PBEWITHSHAAND2-KEYDESEDE-CBC"] = "PBEwithSHA-1and2-keyDESEDE-CBC";
|
||||
algorithms["PBEWITHSHAAND2-KEYTRIPLEDES-CBC"] = "PBEwithSHA-1and2-keyDESEDE-CBC";
|
||||
algorithms["PBEWITHSHA1AND2-KEYDESEDE-CBC"] = "PBEwithSHA-1and2-keyDESEDE-CBC";
|
||||
algorithms["PBEWITHSHA1AND2-KEYTRIPLEDES-CBC"] = "PBEwithSHA-1and2-keyDESEDE-CBC";
|
||||
algorithms["PBEWITHSHA-1AND2-KEYDESEDE-CBC"] = "PBEwithSHA-1and2-keyDESEDE-CBC";
|
||||
algorithms["PBEWITHSHA-1AND2-KEYTRIPLEDES-CBC"] = "PBEwithSHA-1and2-keyDESEDE-CBC";
|
||||
algorithms[PkcsObjectIdentifiers.PbeWithShaAnd2KeyTripleDesCbc.Id] = "PBEwithSHA-1and2-keyDESEDE-CBC";
|
||||
algorithms["PBEWITHSHAAND128BITRC2-CBC"] = "PBEwithSHA-1and128bitRC2-CBC";
|
||||
algorithms["PBEWITHSHA1AND128BITRC2-CBC"] = "PBEwithSHA-1and128bitRC2-CBC";
|
||||
algorithms["PBEWITHSHA-1AND128BITRC2-CBC"] = "PBEwithSHA-1and128bitRC2-CBC";
|
||||
algorithms[PkcsObjectIdentifiers.PbeWithShaAnd128BitRC2Cbc.Id] = "PBEwithSHA-1and128bitRC2-CBC";
|
||||
algorithms["PBEWITHSHAAND40BITRC2-CBC"] = "PBEwithSHA-1and40bitRC2-CBC";
|
||||
algorithms["PBEWITHSHA1AND40BITRC2-CBC"] = "PBEwithSHA-1and40bitRC2-CBC";
|
||||
algorithms["PBEWITHSHA-1AND40BITRC2-CBC"] = "PBEwithSHA-1and40bitRC2-CBC";
|
||||
algorithms[PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc.Id] = "PBEwithSHA-1and40bitRC2-CBC";
|
||||
algorithms["PBEWITHSHAAND128BITAES-CBC-BC"] = "PBEwithSHA-1and128bitAES-CBC-BC";
|
||||
algorithms["PBEWITHSHA1AND128BITAES-CBC-BC"] = "PBEwithSHA-1and128bitAES-CBC-BC";
|
||||
algorithms["PBEWITHSHA-1AND128BITAES-CBC-BC"] = "PBEwithSHA-1and128bitAES-CBC-BC";
|
||||
algorithms["PBEWITHSHAAND192BITAES-CBC-BC"] = "PBEwithSHA-1and192bitAES-CBC-BC";
|
||||
algorithms["PBEWITHSHA1AND192BITAES-CBC-BC"] = "PBEwithSHA-1and192bitAES-CBC-BC";
|
||||
algorithms["PBEWITHSHA-1AND192BITAES-CBC-BC"] = "PBEwithSHA-1and192bitAES-CBC-BC";
|
||||
algorithms["PBEWITHSHAAND256BITAES-CBC-BC"] = "PBEwithSHA-1and256bitAES-CBC-BC";
|
||||
algorithms["PBEWITHSHA1AND256BITAES-CBC-BC"] = "PBEwithSHA-1and256bitAES-CBC-BC";
|
||||
algorithms["PBEWITHSHA-1AND256BITAES-CBC-BC"] = "PBEwithSHA-1and256bitAES-CBC-BC";
|
||||
algorithms["PBEWITHSHA256AND128BITAES-CBC-BC"] = "PBEwithSHA-256and128bitAES-CBC-BC";
|
||||
algorithms["PBEWITHSHA-256AND128BITAES-CBC-BC"] = "PBEwithSHA-256and128bitAES-CBC-BC";
|
||||
algorithms["PBEWITHSHA256AND192BITAES-CBC-BC"] = "PBEwithSHA-256and192bitAES-CBC-BC";
|
||||
algorithms["PBEWITHSHA-256AND192BITAES-CBC-BC"] = "PBEwithSHA-256and192bitAES-CBC-BC";
|
||||
algorithms["PBEWITHSHA256AND256BITAES-CBC-BC"] = "PBEwithSHA-256and256bitAES-CBC-BC";
|
||||
algorithms["PBEWITHSHA-256AND256BITAES-CBC-BC"] = "PBEwithSHA-256and256bitAES-CBC-BC";
|
||||
algorithms["PBEWITHSHAANDIDEA"] = "PBEwithSHA-1andIDEA-CBC";
|
||||
algorithms["PBEWITHSHAANDIDEA-CBC"] = "PBEwithSHA-1andIDEA-CBC";
|
||||
algorithms["PBEWITHSHAANDTWOFISH"] = "PBEwithSHA-1andTWOFISH-CBC";
|
||||
algorithms["PBEWITHSHAANDTWOFISH-CBC"] = "PBEwithSHA-1andTWOFISH-CBC";
|
||||
algorithms["PBEWITHHMACSHA1"] = "PBEwithHmacSHA-1";
|
||||
algorithms["PBEWITHHMACSHA-1"] = "PBEwithHmacSHA-1";
|
||||
algorithms[OiwObjectIdentifiers.IdSha1.Id] = "PBEwithHmacSHA-1";
|
||||
algorithms["PBEWITHHMACSHA224"] = "PBEwithHmacSHA-224";
|
||||
algorithms["PBEWITHHMACSHA-224"] = "PBEwithHmacSHA-224";
|
||||
algorithms[NistObjectIdentifiers.IdSha224.Id] = "PBEwithHmacSHA-224";
|
||||
algorithms["PBEWITHHMACSHA256"] = "PBEwithHmacSHA-256";
|
||||
algorithms["PBEWITHHMACSHA-256"] = "PBEwithHmacSHA-256";
|
||||
algorithms[NistObjectIdentifiers.IdSha256.Id] = "PBEwithHmacSHA-256";
|
||||
algorithms["PBEWITHHMACRIPEMD128"] = "PBEwithHmacRipeMD128";
|
||||
algorithms[TeleTrusTObjectIdentifiers.RipeMD128.Id] = "PBEwithHmacRipeMD128";
|
||||
algorithms["PBEWITHHMACRIPEMD160"] = "PBEwithHmacRipeMD160";
|
||||
algorithms[TeleTrusTObjectIdentifiers.RipeMD160.Id] = "PBEwithHmacRipeMD160";
|
||||
algorithms["PBEWITHHMACRIPEMD256"] = "PBEwithHmacRipeMD256";
|
||||
algorithms[TeleTrusTObjectIdentifiers.RipeMD256.Id] = "PBEwithHmacRipeMD256";
|
||||
algorithms["PBEWITHHMACTIGER"] = "PBEwithHmacTiger";
|
||||
algorithms["PBEWITHMD5AND128BITAES-CBC-OPENSSL"] = "PBEwithMD5and128bitAES-CBC-OpenSSL";
|
||||
algorithms["PBEWITHMD5AND192BITAES-CBC-OPENSSL"] = "PBEwithMD5and192bitAES-CBC-OpenSSL";
|
||||
algorithms["PBEWITHMD5AND256BITAES-CBC-OPENSSL"] = "PBEwithMD5and256bitAES-CBC-OpenSSL";
|
||||
algorithmType["Pkcs5scheme1"] = "Pkcs5S1";
|
||||
algorithmType["Pkcs5scheme2"] = "Pkcs5S2";
|
||||
algorithmType["PBEwithMD2andDES-CBC"] = "Pkcs5S1";
|
||||
algorithmType["PBEwithMD2andRC2-CBC"] = "Pkcs5S1";
|
||||
algorithmType["PBEwithMD5andDES-CBC"] = "Pkcs5S1";
|
||||
algorithmType["PBEwithMD5andRC2-CBC"] = "Pkcs5S1";
|
||||
algorithmType["PBEwithSHA-1andDES-CBC"] = "Pkcs5S1";
|
||||
algorithmType["PBEwithSHA-1andRC2-CBC"] = "Pkcs5S1";
|
||||
algorithmType["Pkcs12"] = "Pkcs12";
|
||||
algorithmType["PBEwithSHA-1and128bitRC4"] = "Pkcs12";
|
||||
algorithmType["PBEwithSHA-1and40bitRC4"] = "Pkcs12";
|
||||
algorithmType["PBEwithSHA-1and3-keyDESEDE-CBC"] = "Pkcs12";
|
||||
algorithmType["PBEwithSHA-1and2-keyDESEDE-CBC"] = "Pkcs12";
|
||||
algorithmType["PBEwithSHA-1and128bitRC2-CBC"] = "Pkcs12";
|
||||
algorithmType["PBEwithSHA-1and40bitRC2-CBC"] = "Pkcs12";
|
||||
algorithmType["PBEwithSHA-1and128bitAES-CBC-BC"] = "Pkcs12";
|
||||
algorithmType["PBEwithSHA-1and192bitAES-CBC-BC"] = "Pkcs12";
|
||||
algorithmType["PBEwithSHA-1and256bitAES-CBC-BC"] = "Pkcs12";
|
||||
algorithmType["PBEwithSHA-256and128bitAES-CBC-BC"] = "Pkcs12";
|
||||
algorithmType["PBEwithSHA-256and192bitAES-CBC-BC"] = "Pkcs12";
|
||||
algorithmType["PBEwithSHA-256and256bitAES-CBC-BC"] = "Pkcs12";
|
||||
algorithmType["PBEwithSHA-1andIDEA-CBC"] = "Pkcs12";
|
||||
algorithmType["PBEwithSHA-1andTWOFISH-CBC"] = "Pkcs12";
|
||||
algorithmType["PBEwithHmacSHA-1"] = "Pkcs12";
|
||||
algorithmType["PBEwithHmacSHA-224"] = "Pkcs12";
|
||||
algorithmType["PBEwithHmacSHA-256"] = "Pkcs12";
|
||||
algorithmType["PBEwithHmacRipeMD128"] = "Pkcs12";
|
||||
algorithmType["PBEwithHmacRipeMD160"] = "Pkcs12";
|
||||
algorithmType["PBEwithHmacRipeMD256"] = "Pkcs12";
|
||||
algorithmType["PBEwithHmacTiger"] = "Pkcs12";
|
||||
algorithmType["PBEwithMD5and128bitAES-CBC-OpenSSL"] = "OpenSsl";
|
||||
algorithmType["PBEwithMD5and192bitAES-CBC-OpenSSL"] = "OpenSsl";
|
||||
algorithmType["PBEwithMD5and256bitAES-CBC-OpenSSL"] = "OpenSsl";
|
||||
oids["PBEwithMD2andDES-CBC"] = PkcsObjectIdentifiers.PbeWithMD2AndDesCbc;
|
||||
oids["PBEwithMD2andRC2-CBC"] = PkcsObjectIdentifiers.PbeWithMD2AndRC2Cbc;
|
||||
oids["PBEwithMD5andDES-CBC"] = PkcsObjectIdentifiers.PbeWithMD5AndDesCbc;
|
||||
oids["PBEwithMD5andRC2-CBC"] = PkcsObjectIdentifiers.PbeWithMD5AndRC2Cbc;
|
||||
oids["PBEwithSHA-1andDES-CBC"] = PkcsObjectIdentifiers.PbeWithSha1AndDesCbc;
|
||||
oids["PBEwithSHA-1andRC2-CBC"] = PkcsObjectIdentifiers.PbeWithSha1AndRC2Cbc;
|
||||
oids["PBEwithSHA-1and128bitRC4"] = PkcsObjectIdentifiers.PbeWithShaAnd128BitRC4;
|
||||
oids["PBEwithSHA-1and40bitRC4"] = PkcsObjectIdentifiers.PbeWithShaAnd40BitRC4;
|
||||
oids["PBEwithSHA-1and3-keyDESEDE-CBC"] = PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc;
|
||||
oids["PBEwithSHA-1and2-keyDESEDE-CBC"] = PkcsObjectIdentifiers.PbeWithShaAnd2KeyTripleDesCbc;
|
||||
oids["PBEwithSHA-1and128bitRC2-CBC"] = PkcsObjectIdentifiers.PbeWithShaAnd128BitRC2Cbc;
|
||||
oids["PBEwithSHA-1and40bitRC2-CBC"] = PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc;
|
||||
oids["PBEwithHmacSHA-1"] = OiwObjectIdentifiers.IdSha1;
|
||||
oids["PBEwithHmacSHA-224"] = NistObjectIdentifiers.IdSha224;
|
||||
oids["PBEwithHmacSHA-256"] = NistObjectIdentifiers.IdSha256;
|
||||
oids["PBEwithHmacRipeMD128"] = TeleTrusTObjectIdentifiers.RipeMD128;
|
||||
oids["PBEwithHmacRipeMD160"] = TeleTrusTObjectIdentifiers.RipeMD160;
|
||||
oids["PBEwithHmacRipeMD256"] = TeleTrusTObjectIdentifiers.RipeMD256;
|
||||
oids["Pkcs5scheme2"] = PkcsObjectIdentifiers.IdPbeS2;
|
||||
}
|
||||
|
||||
private static PbeParametersGenerator MakePbeGenerator(string type, IDigest digest, byte[] key, byte[] salt, int iterationCount)
|
||||
{
|
||||
PbeParametersGenerator pbeParametersGenerator;
|
||||
if (type.Equals("Pkcs5S1"))
|
||||
{
|
||||
pbeParametersGenerator = new Pkcs5S1ParametersGenerator(digest);
|
||||
}
|
||||
else if (type.Equals("Pkcs5S2"))
|
||||
{
|
||||
pbeParametersGenerator = new Pkcs5S2ParametersGenerator();
|
||||
}
|
||||
else if (type.Equals("Pkcs12"))
|
||||
{
|
||||
pbeParametersGenerator = new Pkcs12ParametersGenerator(digest);
|
||||
}
|
||||
else
|
||||
{
|
||||
if (!type.Equals("OpenSsl"))
|
||||
{
|
||||
throw new ArgumentException("Unknown PBE type: " + type, "type");
|
||||
}
|
||||
pbeParametersGenerator = new OpenSslPbeParametersGenerator();
|
||||
}
|
||||
pbeParametersGenerator.Init(key, salt, iterationCount);
|
||||
return pbeParametersGenerator;
|
||||
}
|
||||
|
||||
public static DerObjectIdentifier GetObjectIdentifier(string mechanism)
|
||||
{
|
||||
mechanism = (string)algorithms[Platform.ToUpperInvariant(mechanism)];
|
||||
if (mechanism != null)
|
||||
{
|
||||
return (DerObjectIdentifier)oids[mechanism];
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public static bool IsPkcs12(string algorithm)
|
||||
{
|
||||
string text = (string)algorithms[Platform.ToUpperInvariant(algorithm)];
|
||||
if (text != null)
|
||||
{
|
||||
return "Pkcs12".Equals(algorithmType[text]);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
public static bool IsPkcs5Scheme1(string algorithm)
|
||||
{
|
||||
string text = (string)algorithms[Platform.ToUpperInvariant(algorithm)];
|
||||
if (text != null)
|
||||
{
|
||||
return "Pkcs5S1".Equals(algorithmType[text]);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
public static bool IsPkcs5Scheme2(string algorithm)
|
||||
{
|
||||
string text = (string)algorithms[Platform.ToUpperInvariant(algorithm)];
|
||||
if (text != null)
|
||||
{
|
||||
return "Pkcs5S2".Equals(algorithmType[text]);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
public static bool IsOpenSsl(string algorithm)
|
||||
{
|
||||
string text = (string)algorithms[Platform.ToUpperInvariant(algorithm)];
|
||||
if (text != null)
|
||||
{
|
||||
return "OpenSsl".Equals(algorithmType[text]);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
public static bool IsPbeAlgorithm(string algorithm)
|
||||
{
|
||||
string text = (string)algorithms[Platform.ToUpperInvariant(algorithm)];
|
||||
if (text != null)
|
||||
{
|
||||
return algorithmType[text] != null;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
public static Asn1Encodable GenerateAlgorithmParameters(DerObjectIdentifier algorithmOid, byte[] salt, int iterationCount)
|
||||
{
|
||||
return GenerateAlgorithmParameters(algorithmOid.Id, salt, iterationCount);
|
||||
}
|
||||
|
||||
public static Asn1Encodable GenerateAlgorithmParameters(string algorithm, byte[] salt, int iterationCount)
|
||||
{
|
||||
if (IsPkcs12(algorithm))
|
||||
{
|
||||
return new Pkcs12PbeParams(salt, iterationCount);
|
||||
}
|
||||
if (IsPkcs5Scheme2(algorithm))
|
||||
{
|
||||
return new Pbkdf2Params(salt, iterationCount);
|
||||
}
|
||||
return new PbeParameter(salt, iterationCount);
|
||||
}
|
||||
|
||||
public static ICipherParameters GenerateCipherParameters(DerObjectIdentifier algorithmOid, char[] password, Asn1Encodable pbeParameters)
|
||||
{
|
||||
return GenerateCipherParameters(algorithmOid.Id, password, wrongPkcs12Zero: false, pbeParameters);
|
||||
}
|
||||
|
||||
public static ICipherParameters GenerateCipherParameters(DerObjectIdentifier algorithmOid, char[] password, bool wrongPkcs12Zero, Asn1Encodable pbeParameters)
|
||||
{
|
||||
return GenerateCipherParameters(algorithmOid.Id, password, wrongPkcs12Zero, pbeParameters);
|
||||
}
|
||||
|
||||
public static ICipherParameters GenerateCipherParameters(AlgorithmIdentifier algID, char[] password)
|
||||
{
|
||||
return GenerateCipherParameters(algID.Algorithm.Id, password, wrongPkcs12Zero: false, algID.Parameters);
|
||||
}
|
||||
|
||||
public static ICipherParameters GenerateCipherParameters(AlgorithmIdentifier algID, char[] password, bool wrongPkcs12Zero)
|
||||
{
|
||||
return GenerateCipherParameters(algID.Algorithm.Id, password, wrongPkcs12Zero, algID.Parameters);
|
||||
}
|
||||
|
||||
public static ICipherParameters GenerateCipherParameters(string algorithm, char[] password, Asn1Encodable pbeParameters)
|
||||
{
|
||||
return GenerateCipherParameters(algorithm, password, wrongPkcs12Zero: false, pbeParameters);
|
||||
}
|
||||
|
||||
public static ICipherParameters GenerateCipherParameters(string algorithm, char[] password, bool wrongPkcs12Zero, Asn1Encodable pbeParameters)
|
||||
{
|
||||
string text = (string)algorithms[Platform.ToUpperInvariant(algorithm)];
|
||||
byte[] array = null;
|
||||
byte[] salt = null;
|
||||
int iterationCount = 0;
|
||||
if (IsPkcs12(text))
|
||||
{
|
||||
Pkcs12PbeParams instance = Pkcs12PbeParams.GetInstance(pbeParameters);
|
||||
salt = instance.GetIV();
|
||||
iterationCount = instance.Iterations.IntValue;
|
||||
array = PbeParametersGenerator.Pkcs12PasswordToBytes(password, wrongPkcs12Zero);
|
||||
}
|
||||
else if (!IsPkcs5Scheme2(text))
|
||||
{
|
||||
PbeParameter instance2 = PbeParameter.GetInstance(pbeParameters);
|
||||
salt = instance2.GetSalt();
|
||||
iterationCount = instance2.IterationCount.IntValue;
|
||||
array = PbeParametersGenerator.Pkcs5PasswordToBytes(password);
|
||||
}
|
||||
ICipherParameters parameters = null;
|
||||
if (IsPkcs5Scheme2(text))
|
||||
{
|
||||
PbeS2Parameters instance3 = PbeS2Parameters.GetInstance(pbeParameters.ToAsn1Object());
|
||||
AlgorithmIdentifier encryptionScheme = instance3.EncryptionScheme;
|
||||
DerObjectIdentifier algorithm2 = encryptionScheme.Algorithm;
|
||||
Asn1Object obj = encryptionScheme.Parameters.ToAsn1Object();
|
||||
Pbkdf2Params instance4 = Pbkdf2Params.GetInstance(instance3.KeyDerivationFunc.Parameters.ToAsn1Object());
|
||||
byte[] array2;
|
||||
if (algorithm2.Equals(PkcsObjectIdentifiers.RC2Cbc))
|
||||
{
|
||||
RC2CbcParameter instance5 = RC2CbcParameter.GetInstance(obj);
|
||||
array2 = instance5.GetIV();
|
||||
}
|
||||
else
|
||||
{
|
||||
array2 = Asn1OctetString.GetInstance(obj).GetOctets();
|
||||
}
|
||||
salt = instance4.GetSalt();
|
||||
iterationCount = instance4.IterationCount.IntValue;
|
||||
array = PbeParametersGenerator.Pkcs5PasswordToBytes(password);
|
||||
int keySize = ((instance4.KeyLength != null) ? (instance4.KeyLength.IntValue * 8) : GeneratorUtilities.GetDefaultKeySize(algorithm2));
|
||||
PbeParametersGenerator pbeParametersGenerator = MakePbeGenerator((string)algorithmType[text], null, array, salt, iterationCount);
|
||||
parameters = pbeParametersGenerator.GenerateDerivedParameters(algorithm2.Id, keySize);
|
||||
if (array2 != null && !Arrays.AreEqual(array2, new byte[array2.Length]))
|
||||
{
|
||||
parameters = new ParametersWithIV(parameters, array2);
|
||||
}
|
||||
}
|
||||
else if (Platform.StartsWith(text, "PBEwithSHA-1"))
|
||||
{
|
||||
PbeParametersGenerator pbeParametersGenerator2 = MakePbeGenerator((string)algorithmType[text], new Sha1Digest(), array, salt, iterationCount);
|
||||
if (text.Equals("PBEwithSHA-1and128bitAES-CBC-BC"))
|
||||
{
|
||||
parameters = pbeParametersGenerator2.GenerateDerivedParameters("AES", 128, 128);
|
||||
}
|
||||
else if (text.Equals("PBEwithSHA-1and192bitAES-CBC-BC"))
|
||||
{
|
||||
parameters = pbeParametersGenerator2.GenerateDerivedParameters("AES", 192, 128);
|
||||
}
|
||||
else if (text.Equals("PBEwithSHA-1and256bitAES-CBC-BC"))
|
||||
{
|
||||
parameters = pbeParametersGenerator2.GenerateDerivedParameters("AES", 256, 128);
|
||||
}
|
||||
else if (text.Equals("PBEwithSHA-1and128bitRC4"))
|
||||
{
|
||||
parameters = pbeParametersGenerator2.GenerateDerivedParameters("RC4", 128);
|
||||
}
|
||||
else if (text.Equals("PBEwithSHA-1and40bitRC4"))
|
||||
{
|
||||
parameters = pbeParametersGenerator2.GenerateDerivedParameters("RC4", 40);
|
||||
}
|
||||
else if (text.Equals("PBEwithSHA-1and3-keyDESEDE-CBC"))
|
||||
{
|
||||
parameters = pbeParametersGenerator2.GenerateDerivedParameters("DESEDE", 192, 64);
|
||||
}
|
||||
else if (text.Equals("PBEwithSHA-1and2-keyDESEDE-CBC"))
|
||||
{
|
||||
parameters = pbeParametersGenerator2.GenerateDerivedParameters("DESEDE", 128, 64);
|
||||
}
|
||||
else if (text.Equals("PBEwithSHA-1and128bitRC2-CBC"))
|
||||
{
|
||||
parameters = pbeParametersGenerator2.GenerateDerivedParameters("RC2", 128, 64);
|
||||
}
|
||||
else if (text.Equals("PBEwithSHA-1and40bitRC2-CBC"))
|
||||
{
|
||||
parameters = pbeParametersGenerator2.GenerateDerivedParameters("RC2", 40, 64);
|
||||
}
|
||||
else if (text.Equals("PBEwithSHA-1andDES-CBC"))
|
||||
{
|
||||
parameters = pbeParametersGenerator2.GenerateDerivedParameters("DES", 64, 64);
|
||||
}
|
||||
else if (text.Equals("PBEwithSHA-1andRC2-CBC"))
|
||||
{
|
||||
parameters = pbeParametersGenerator2.GenerateDerivedParameters("RC2", 64, 64);
|
||||
}
|
||||
}
|
||||
else if (Platform.StartsWith(text, "PBEwithSHA-256"))
|
||||
{
|
||||
PbeParametersGenerator pbeParametersGenerator3 = MakePbeGenerator((string)algorithmType[text], new Sha256Digest(), array, salt, iterationCount);
|
||||
if (text.Equals("PBEwithSHA-256and128bitAES-CBC-BC"))
|
||||
{
|
||||
parameters = pbeParametersGenerator3.GenerateDerivedParameters("AES", 128, 128);
|
||||
}
|
||||
else if (text.Equals("PBEwithSHA-256and192bitAES-CBC-BC"))
|
||||
{
|
||||
parameters = pbeParametersGenerator3.GenerateDerivedParameters("AES", 192, 128);
|
||||
}
|
||||
else if (text.Equals("PBEwithSHA-256and256bitAES-CBC-BC"))
|
||||
{
|
||||
parameters = pbeParametersGenerator3.GenerateDerivedParameters("AES", 256, 128);
|
||||
}
|
||||
}
|
||||
else if (Platform.StartsWith(text, "PBEwithMD5"))
|
||||
{
|
||||
PbeParametersGenerator pbeParametersGenerator4 = MakePbeGenerator((string)algorithmType[text], new MD5Digest(), array, salt, iterationCount);
|
||||
if (text.Equals("PBEwithMD5andDES-CBC"))
|
||||
{
|
||||
parameters = pbeParametersGenerator4.GenerateDerivedParameters("DES", 64, 64);
|
||||
}
|
||||
else if (text.Equals("PBEwithMD5andRC2-CBC"))
|
||||
{
|
||||
parameters = pbeParametersGenerator4.GenerateDerivedParameters("RC2", 64, 64);
|
||||
}
|
||||
else if (text.Equals("PBEwithMD5and128bitAES-CBC-OpenSSL"))
|
||||
{
|
||||
parameters = pbeParametersGenerator4.GenerateDerivedParameters("AES", 128, 128);
|
||||
}
|
||||
else if (text.Equals("PBEwithMD5and192bitAES-CBC-OpenSSL"))
|
||||
{
|
||||
parameters = pbeParametersGenerator4.GenerateDerivedParameters("AES", 192, 128);
|
||||
}
|
||||
else if (text.Equals("PBEwithMD5and256bitAES-CBC-OpenSSL"))
|
||||
{
|
||||
parameters = pbeParametersGenerator4.GenerateDerivedParameters("AES", 256, 128);
|
||||
}
|
||||
}
|
||||
else if (Platform.StartsWith(text, "PBEwithMD2"))
|
||||
{
|
||||
PbeParametersGenerator pbeParametersGenerator5 = MakePbeGenerator((string)algorithmType[text], new MD2Digest(), array, salt, iterationCount);
|
||||
if (text.Equals("PBEwithMD2andDES-CBC"))
|
||||
{
|
||||
parameters = pbeParametersGenerator5.GenerateDerivedParameters("DES", 64, 64);
|
||||
}
|
||||
else if (text.Equals("PBEwithMD2andRC2-CBC"))
|
||||
{
|
||||
parameters = pbeParametersGenerator5.GenerateDerivedParameters("RC2", 64, 64);
|
||||
}
|
||||
}
|
||||
else if (Platform.StartsWith(text, "PBEwithHmac"))
|
||||
{
|
||||
string algorithm3 = text.Substring("PBEwithHmac".Length);
|
||||
IDigest digest = DigestUtilities.GetDigest(algorithm3);
|
||||
PbeParametersGenerator pbeParametersGenerator6 = MakePbeGenerator((string)algorithmType[text], digest, array, salt, iterationCount);
|
||||
int keySize2 = digest.GetDigestSize() * 8;
|
||||
parameters = pbeParametersGenerator6.GenerateDerivedMacParameters(keySize2);
|
||||
}
|
||||
Array.Clear(array, 0, array.Length);
|
||||
return FixDesParity(text, parameters);
|
||||
}
|
||||
|
||||
public static object CreateEngine(DerObjectIdentifier algorithmOid)
|
||||
{
|
||||
return CreateEngine(algorithmOid.Id);
|
||||
}
|
||||
|
||||
public static object CreateEngine(AlgorithmIdentifier algID)
|
||||
{
|
||||
string id = algID.Algorithm.Id;
|
||||
if (IsPkcs5Scheme2(id))
|
||||
{
|
||||
PbeS2Parameters instance = PbeS2Parameters.GetInstance(algID.Parameters.ToAsn1Object());
|
||||
AlgorithmIdentifier encryptionScheme = instance.EncryptionScheme;
|
||||
return CipherUtilities.GetCipher(encryptionScheme.Algorithm);
|
||||
}
|
||||
return CreateEngine(id);
|
||||
}
|
||||
|
||||
public static object CreateEngine(string algorithm)
|
||||
{
|
||||
string text = (string)algorithms[Platform.ToUpperInvariant(algorithm)];
|
||||
if (Platform.StartsWith(text, "PBEwithHmac"))
|
||||
{
|
||||
string text2 = text.Substring("PBEwithHmac".Length);
|
||||
return MacUtilities.GetMac("HMAC/" + text2);
|
||||
}
|
||||
if (Platform.StartsWith(text, "PBEwithMD2") || Platform.StartsWith(text, "PBEwithMD5") || Platform.StartsWith(text, "PBEwithSHA-1") || Platform.StartsWith(text, "PBEwithSHA-256"))
|
||||
{
|
||||
if (Platform.EndsWith(text, "AES-CBC-BC") || Platform.EndsWith(text, "AES-CBC-OPENSSL"))
|
||||
{
|
||||
return CipherUtilities.GetCipher("AES/CBC");
|
||||
}
|
||||
if (Platform.EndsWith(text, "DES-CBC"))
|
||||
{
|
||||
return CipherUtilities.GetCipher("DES/CBC");
|
||||
}
|
||||
if (Platform.EndsWith(text, "DESEDE-CBC"))
|
||||
{
|
||||
return CipherUtilities.GetCipher("DESEDE/CBC");
|
||||
}
|
||||
if (Platform.EndsWith(text, "RC2-CBC"))
|
||||
{
|
||||
return CipherUtilities.GetCipher("RC2/CBC");
|
||||
}
|
||||
if (Platform.EndsWith(text, "RC4"))
|
||||
{
|
||||
return CipherUtilities.GetCipher("RC4");
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public static string GetEncodingName(DerObjectIdentifier oid)
|
||||
{
|
||||
return (string)algorithms[oid.Id];
|
||||
}
|
||||
|
||||
private static ICipherParameters FixDesParity(string mechanism, ICipherParameters parameters)
|
||||
{
|
||||
if (!Platform.EndsWith(mechanism, "DES-CBC") && !Platform.EndsWith(mechanism, "DESEDE-CBC"))
|
||||
{
|
||||
return parameters;
|
||||
}
|
||||
if (parameters is ParametersWithIV)
|
||||
{
|
||||
ParametersWithIV parametersWithIV = (ParametersWithIV)parameters;
|
||||
return new ParametersWithIV(FixDesParity(mechanism, parametersWithIV.Parameters), parametersWithIV.GetIV());
|
||||
}
|
||||
KeyParameter keyParameter = (KeyParameter)parameters;
|
||||
byte[] key = keyParameter.GetKey();
|
||||
DesParameters.SetOddParity(key);
|
||||
return new KeyParameter(key);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user