private static byte[] CryptPbeData(
bool forEncryption,
AlgorithmIdentifier algId,
char[] password,
bool wrongPkcs12Zero,
byte[] data)
{
IBufferedCipher cipher = PbeUtilities.CreateEngine(algId) as IBufferedCipher;
if (cipher == null)
{
throw new Exception("Unknown encryption algorithm: " + algId.Algorithm);
}
if (algId.Algorithm.Equals(PkcsObjectIdentifiers.IdPbeS2))
{
PbeS2Parameters pbeParameters = PbeS2Parameters.GetInstance(algId.Parameters);
ICipherParameters cipherParams = PbeUtilities.GenerateCipherParameters(
algId.Algorithm, password, pbeParameters);
cipher.Init(forEncryption, cipherParams);
return(cipher.DoFinal(data));
}
else
{
Pkcs12PbeParams pbeParameters = Pkcs12PbeParams.GetInstance(algId.Parameters);
ICipherParameters cipherParams = PbeUtilities.GenerateCipherParameters(
algId.Algorithm, password, wrongPkcs12Zero, pbeParameters);
cipher.Init(forEncryption, cipherParams);
return(cipher.DoFinal(data));
}
}
public ICipherBuilder <AlgorithmIdentifier> Build(char[] password)
{
if (algorithm.Equals(PkcsObjectIdentifiers.IdPbeS2))
{
IPasswordBasedDeriverBuilder <FipsPbkd.Parameters> pbeDeriverBuilder = CryptoServicesRegistrar.CreateService(FipsPbkd.PbkdF2).From(converter, password);
IPasswordBasedDeriver <FipsPbkd.Parameters> pbeDeriver = pbeDeriverBuilder
.WithPrf(digestAlgorithm)
.WithSalt(salt)
.WithIterationCount(iterationCount)
.Build();
byte[] keyEnc = pbeDeriver.DeriveKey(TargetKeyType.CIPHER, (int)Utils.keySizesInBytes[keyEncAlgorithm]);
EncryptionScheme encScheme = Utils.GetEncryptionSchemeIdentifier(keyEncAlgorithm, random);
PbeS2Parameters algParams = new PbeS2Parameters(
new KeyDerivationFunc(PkcsObjectIdentifiers.IdPbkdf2, new Pbkdf2Params(salt, iterationCount,
new AlgorithmIdentifier((DerObjectIdentifier)Utils.digestTable[digestAlgorithm], DerNull.Instance))),
encScheme);
IParameters <Algorithm> cipherParams = Utils.GetCipherParameters(encScheme);
if (Utils.IsBlockMode(cipherParams.Algorithm))
{
return(new PbeBlockCipherBuilder(new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPbeS2, algParams), Utils.CreateBlockEncryptorBuilder(keyEncAlgorithm, keyEnc, cipherParams)));
}
else if (Utils.IsAeadMode(cipherParams.Algorithm))
{
return(new PkixAeadCipherBuilder(new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPbeS2, algParams), Utils.CreateAeadEncryptorBuilder(keyEncAlgorithm, keyEnc, cipherParams)));
}
else
{
return(new PkixCipherBuilder(new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPbeS2, algParams), Utils.CreateEncryptorBuilder(keyEncAlgorithm, keyEnc, cipherParams)));
}
}
else if (algorithm.Equals(PkcsObjectIdentifiers.PbeWithShaAnd2KeyTripleDesCbc) ||
algorithm.Equals(PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc))
{
int keySize = algorithm.Equals(PkcsObjectIdentifiers.PbeWithShaAnd2KeyTripleDesCbc) ? 16 : 24;
Pkcs12PbeParams pbeParams = new Pkcs12PbeParams(salt, iterationCount);
// we ignore converter as it's specified by the algorithm
IPasswordBasedDeriverBuilder <Pbkd.PbkdParameters> pbeDeriverBuilder = CryptoServicesRegistrar.CreateService(Pbkd.Pkcs12).From(PasswordConverter.PKCS12, password);
IPasswordBasedDeriver <Pbkd.PbkdParameters> pbeDeriver = pbeDeriverBuilder
.WithPrf(FipsShs.Sha1)
.WithSalt(pbeParams.GetIV())
.WithIterationCount(pbeParams.Iterations.IntValue)
.Build();
byte[][] keyIV = pbeDeriver.DeriveKeyAndIV(TargetKeyType.CIPHER, keySize, 8);
AlgorithmIdentifier algDetails = new AlgorithmIdentifier(algorithm, pbeParams);
return(new PbeBlockCipherBuilder(algDetails, Utils.CreateBlockEncryptorBuilder(algDetails, keyIV[0], keyIV[1])));
}
throw new InvalidOperationException("cannot match algorithm: " + algorithm);
}
public static object CreateEngine(AlgorithmIdentifier algID)
{
string id = algID.Algorithm.Id;
if (IsPkcs5Scheme2(id))
{
PbeS2Parameters instance = PbeS2Parameters.GetInstance(algID.Parameters.ToAsn1Object());
AlgorithmIdentifier encryptionScheme = instance.EncryptionScheme;
return(CipherUtilities.GetCipher(encryptionScheme.Algorithm));
}
return(CreateEngine(id));
}
public ICipherBuilder <AlgorithmIdentifier> CreateDecryptorBuilder(AlgorithmIdentifier algorithmDetails)
{
if (algorithmDetails.Algorithm.Equals(PkcsObjectIdentifiers.IdPbeS2))
{
IPasswordBasedDeriverBuilder <FipsPbkd.Parameters> pbeDeriverBuilder = CryptoServicesRegistrar.CreateService(FipsPbkd.PbkdF2).From(converter.Convert(password));
PbeS2Parameters pbeParams = PbeS2Parameters.GetInstance(algorithmDetails.Parameters);
Pbkdf2Params pbkdfParams = Pbkdf2Params.GetInstance(pbeParams.KeyDerivationFunc.Parameters);
AlgorithmIdentifier encScheme = pbeParams.EncryptionScheme;
IPasswordBasedDeriver <FipsPbkd.Parameters> pbeDeriver = pbeDeriverBuilder
.WithPrf((DigestAlgorithm)Utils.digestTable[pbkdfParams.Prf.Algorithm])
.WithSalt(pbkdfParams.GetSalt())
.WithIterationCount(pbkdfParams.IterationCount.IntValue)
.Build();
byte[] keyEnc = pbeDeriver.DeriveKey(TargetKeyType.CIPHER, (pbkdfParams.KeyLength != null ? pbkdfParams.KeyLength.IntValue : (int)Utils.keySizesInBytes[encScheme.Algorithm]));
IParameters <Algorithm> cipherParams = Utils.GetCipherParameters(encScheme);
if (Utils.IsBlockMode(cipherParams.Algorithm))
{
return(new PbeBlockCipherBuilder(algorithmDetails, Utils.CreateBlockDecryptorBuilder(encScheme, keyEnc, cipherParams)));
}
else if (Utils.IsAeadMode(cipherParams.Algorithm))
{
return(new PkixAeadCipherBuilder(algorithmDetails, Utils.CreateAeadDecryptorBuilder(encScheme, keyEnc, cipherParams)));
}
else
{
return(new PkixCipherBuilder(algorithmDetails, Utils.CreateDecryptorBuilder(encScheme, keyEnc, cipherParams)));
}
}
else if (algorithmDetails.Algorithm.Equals(PkcsObjectIdentifiers.PbeWithShaAnd2KeyTripleDesCbc) ||
algorithmDetails.Algorithm.Equals(PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc))
{
int keySize = algorithmDetails.Algorithm.Equals(PkcsObjectIdentifiers.PbeWithShaAnd2KeyTripleDesCbc) ? 16 : 24;
Pkcs12PbeParams pbeParams = Pkcs12PbeParams.GetInstance(algorithmDetails.Parameters);
// we ignore converter as it's specified by the algorithm
IPasswordBasedDeriverBuilder <Pbkd.PbkdParameters> pbeDeriverBuilder = CryptoServicesRegistrar.CreateService(Pbkd.Pkcs12).From(PasswordConverter.PKCS12, password);
IPasswordBasedDeriver <Pbkd.PbkdParameters> pbeDeriver = pbeDeriverBuilder
.WithPrf(FipsShs.Sha1)
.WithSalt(pbeParams.GetIV())
.WithIterationCount(pbeParams.Iterations.IntValue)
.Build();
byte[][] keyIV = pbeDeriver.DeriveKeyAndIV(TargetKeyType.CIPHER, keySize, 8);
return(new PbeBlockCipherBuilder(algorithmDetails, Utils.CreateDecryptorBuilder(algorithmDetails, keyIV[0], keyIV[1])));
}
throw new InvalidOperationException("cannot match algorithm: " + algorithmDetails.Algorithm);
}
public static PbeS2Parameters GetInstance(object obj)
{
if (obj == null)
{
return(null);
}
PbeS2Parameters pbeS2Parameters = obj as PbeS2Parameters;
if (pbeS2Parameters != null)
{
return(pbeS2Parameters);
}
return(new PbeS2Parameters(Asn1Sequence.GetInstance(obj)));
}
public static ICipherParameters GenerateCipherParameters(string algorithm, char[] password, bool wrongPkcs12Zero, Asn1Encodable pbeParameters)
{
string text = (string)algorithms.get_Item((object)Platform.ToUpperInvariant(algorithm));
byte[] array = null;
byte[] salt = null;
int iterationCount = 0;
if (IsPkcs12(text))
{
Pkcs12PbeParams instance = Pkcs12PbeParams.GetInstance(pbeParameters);
salt = instance.GetIV();
iterationCount = instance.Iterations.IntValue;
array = PbeParametersGenerator.Pkcs12PasswordToBytes(password, wrongPkcs12Zero);
}
else if (!IsPkcs5Scheme2(text))
{
PbeParameter instance2 = PbeParameter.GetInstance(pbeParameters);
salt = instance2.GetSalt();
iterationCount = instance2.IterationCount.IntValue;
array = PbeParametersGenerator.Pkcs5PasswordToBytes(password);
}
ICipherParameters parameters = null;
if (IsPkcs5Scheme2(text))
{
PbeS2Parameters instance3 = PbeS2Parameters.GetInstance(pbeParameters.ToAsn1Object());
AlgorithmIdentifier encryptionScheme = instance3.EncryptionScheme;
DerObjectIdentifier algorithm2 = encryptionScheme.Algorithm;
Asn1Object obj = encryptionScheme.Parameters.ToAsn1Object();
Pbkdf2Params instance4 = Pbkdf2Params.GetInstance(instance3.KeyDerivationFunc.Parameters.ToAsn1Object());
byte[] array2;
if (algorithm2.Equals(PkcsObjectIdentifiers.RC2Cbc))
{
RC2CbcParameter instance5 = RC2CbcParameter.GetInstance(obj);
array2 = instance5.GetIV();
}
else
{
array2 = Asn1OctetString.GetInstance(obj).GetOctets();
}
salt = instance4.GetSalt();
iterationCount = instance4.IterationCount.IntValue;
array = PbeParametersGenerator.Pkcs5PasswordToBytes(password);
int keySize = ((instance4.KeyLength != null) ? (instance4.KeyLength.IntValue * 8) : GeneratorUtilities.GetDefaultKeySize(algorithm2));
PbeParametersGenerator pbeParametersGenerator = MakePbeGenerator((string)algorithmType.get_Item((object)text), null, array, salt, iterationCount);
parameters = pbeParametersGenerator.GenerateDerivedParameters(algorithm2.Id, keySize);
if (array2 != null && !Arrays.AreEqual(array2, new byte[array2.Length]))
{
parameters = new ParametersWithIV(parameters, array2);
}
}
else if (Platform.StartsWith(text, "PBEwithSHA-1"))
{
PbeParametersGenerator pbeParametersGenerator2 = MakePbeGenerator((string)algorithmType.get_Item((object)text), new Sha1Digest(), array, salt, iterationCount);
if (text.Equals("PBEwithSHA-1and128bitAES-CBC-BC"))
{
parameters = pbeParametersGenerator2.GenerateDerivedParameters("AES", 128, 128);
}
else if (text.Equals("PBEwithSHA-1and192bitAES-CBC-BC"))
{
parameters = pbeParametersGenerator2.GenerateDerivedParameters("AES", 192, 128);
}
else if (text.Equals("PBEwithSHA-1and256bitAES-CBC-BC"))
{
parameters = pbeParametersGenerator2.GenerateDerivedParameters("AES", 256, 128);
}
else if (text.Equals("PBEwithSHA-1and128bitRC4"))
{
parameters = pbeParametersGenerator2.GenerateDerivedParameters("RC4", 128);
}
else if (text.Equals("PBEwithSHA-1and40bitRC4"))
{
parameters = pbeParametersGenerator2.GenerateDerivedParameters("RC4", 40);
}
else if (text.Equals("PBEwithSHA-1and3-keyDESEDE-CBC"))
{
parameters = pbeParametersGenerator2.GenerateDerivedParameters("DESEDE", 192, 64);
}
else if (text.Equals("PBEwithSHA-1and2-keyDESEDE-CBC"))
{
parameters = pbeParametersGenerator2.GenerateDerivedParameters("DESEDE", 128, 64);
}
else if (text.Equals("PBEwithSHA-1and128bitRC2-CBC"))
{
parameters = pbeParametersGenerator2.GenerateDerivedParameters("RC2", 128, 64);
}
else if (text.Equals("PBEwithSHA-1and40bitRC2-CBC"))
{
parameters = pbeParametersGenerator2.GenerateDerivedParameters("RC2", 40, 64);
}
else if (text.Equals("PBEwithSHA-1andDES-CBC"))
{
parameters = pbeParametersGenerator2.GenerateDerivedParameters("DES", 64, 64);
}
else if (text.Equals("PBEwithSHA-1andRC2-CBC"))
{
parameters = pbeParametersGenerator2.GenerateDerivedParameters("RC2", 64, 64);
}
}
else if (Platform.StartsWith(text, "PBEwithSHA-256"))
{
PbeParametersGenerator pbeParametersGenerator3 = MakePbeGenerator((string)algorithmType.get_Item((object)text), new Sha256Digest(), array, salt, iterationCount);
if (text.Equals("PBEwithSHA-256and128bitAES-CBC-BC"))
{
parameters = pbeParametersGenerator3.GenerateDerivedParameters("AES", 128, 128);
}
else if (text.Equals("PBEwithSHA-256and192bitAES-CBC-BC"))
{
parameters = pbeParametersGenerator3.GenerateDerivedParameters("AES", 192, 128);
}
else if (text.Equals("PBEwithSHA-256and256bitAES-CBC-BC"))
{
parameters = pbeParametersGenerator3.GenerateDerivedParameters("AES", 256, 128);
}
}
else if (Platform.StartsWith(text, "PBEwithMD5"))
{
PbeParametersGenerator pbeParametersGenerator4 = MakePbeGenerator((string)algorithmType.get_Item((object)text), new MD5Digest(), array, salt, iterationCount);
if (text.Equals("PBEwithMD5andDES-CBC"))
{
parameters = pbeParametersGenerator4.GenerateDerivedParameters("DES", 64, 64);
}
else if (text.Equals("PBEwithMD5andRC2-CBC"))
{
parameters = pbeParametersGenerator4.GenerateDerivedParameters("RC2", 64, 64);
}
else if (text.Equals("PBEwithMD5and128bitAES-CBC-OpenSSL"))
{
parameters = pbeParametersGenerator4.GenerateDerivedParameters("AES", 128, 128);
}
else if (text.Equals("PBEwithMD5and192bitAES-CBC-OpenSSL"))
{
parameters = pbeParametersGenerator4.GenerateDerivedParameters("AES", 192, 128);
}
else if (text.Equals("PBEwithMD5and256bitAES-CBC-OpenSSL"))
{
parameters = pbeParametersGenerator4.GenerateDerivedParameters("AES", 256, 128);
}
}
else if (Platform.StartsWith(text, "PBEwithMD2"))
{
PbeParametersGenerator pbeParametersGenerator5 = MakePbeGenerator((string)algorithmType.get_Item((object)text), new MD2Digest(), array, salt, iterationCount);
if (text.Equals("PBEwithMD2andDES-CBC"))
{
parameters = pbeParametersGenerator5.GenerateDerivedParameters("DES", 64, 64);
}
else if (text.Equals("PBEwithMD2andRC2-CBC"))
{
parameters = pbeParametersGenerator5.GenerateDerivedParameters("RC2", 64, 64);
}
}
else if (Platform.StartsWith(text, "PBEwithHmac"))
{
string algorithm3 = text.Substring("PBEwithHmac".get_Length());
IDigest digest = DigestUtilities.GetDigest(algorithm3);
PbeParametersGenerator pbeParametersGenerator6 = MakePbeGenerator((string)algorithmType.get_Item((object)text), digest, array, salt, iterationCount);
int keySize2 = digest.GetDigestSize() * 8;
parameters = pbeParametersGenerator6.GenerateDerivedMacParameters(keySize2);
}
global::System.Array.Clear((global::System.Array)array, 0, array.Length);
return(FixDesParity(text, parameters));
}
public static ICipherParameters GenerateCipherParameters(
string algorithm,
char[] password,
bool wrongPkcs12Zero,
Asn1Encodable pbeParameters)
{
string mechanism = (string)algorithms[algorithm.ToUpper(CultureInfo.InvariantCulture)];
byte[] keyBytes = null;
byte[] salt = null;
int iterationCount = 0;
if (IsPkcs12(mechanism))
{
Pkcs12PbeParams pbeParams = Pkcs12PbeParams.GetInstance(pbeParameters);
salt = pbeParams.GetIV();
iterationCount = pbeParams.Iterations.IntValue;
keyBytes = PbeParametersGenerator.Pkcs12PasswordToBytes(password, wrongPkcs12Zero);
}
else if (IsPkcs5Scheme2(mechanism))
{
// See below
}
else
{
PbeParameter pbeParams = PbeParameter.GetInstance(pbeParameters);
salt = pbeParams.GetSalt();
iterationCount = pbeParams.IterationCount.IntValue;
keyBytes = PbeParametersGenerator.Pkcs5PasswordToBytes(password);
}
ICipherParameters parameters = null;
if (IsPkcs5Scheme2(mechanism))
{
PbeS2Parameters s2p = PbeS2Parameters.GetInstance(pbeParameters.ToAsn1Object());
AlgorithmIdentifier encScheme = s2p.EncryptionScheme;
DerObjectIdentifier encOid = encScheme.ObjectID;
Asn1Object encParams = encScheme.Parameters.ToAsn1Object();
// TODO What about s2p.KeyDerivationFunc.ObjectID?
Pbkdf2Params pbeParams = Pbkdf2Params.GetInstance(s2p.KeyDerivationFunc.Parameters.ToAsn1Object());
byte[] iv;
if (encOid.Equals(PkcsObjectIdentifiers.RC2Cbc)) // PKCS5.B.2.3
{
RC2CbcParameter rc2Params = RC2CbcParameter.GetInstance(encParams);
iv = rc2Params.GetIV();
}
else
{
iv = Asn1OctetString.GetInstance(encParams).GetOctets();
}
salt = pbeParams.GetSalt();
iterationCount = pbeParams.IterationCount.IntValue;
keyBytes = PbeParametersGenerator.Pkcs5PasswordToBytes(password);
int keyLength = pbeParams.KeyLength != null
? pbeParams.KeyLength.IntValue * 8
: GeneratorUtilities.GetDefaultKeySize(encOid);
PbeParametersGenerator gen = MakePbeGenerator(
(string)algorithmType[mechanism], null, keyBytes, salt, iterationCount);
parameters = gen.GenerateDerivedParameters(encOid.Id, keyLength);
if (iv != null)
{
// FIXME? OpenSSL weirdness with IV of zeros (for ECB keys?)
if (Arrays.AreEqual(iv, new byte[iv.Length]))
{
//Console.Error.Write("***** IV all 0 (length " + iv.Length + ") *****");
}
else
{
parameters = new ParametersWithIV(parameters, iv);
}
}
}
else if (mechanism.StartsWith("PBEwithSHA-1"))
{
PbeParametersGenerator generator = MakePbeGenerator(
(string)algorithmType[mechanism], new Sha1Digest(), keyBytes, salt, iterationCount);
if (mechanism.Equals("PBEwithSHA-1and128bitRC4"))
{
parameters = generator.GenerateDerivedParameters("RC4", 128);
}
else if (mechanism.Equals("PBEwithSHA-1and40bitRC4"))
{
parameters = generator.GenerateDerivedParameters("RC4", 40);
}
else if (mechanism.Equals("PBEwithSHA-1and3-keyDESEDE-CBC"))
{
parameters = generator.GenerateDerivedParameters("DESEDE", 192, 64);
}
else if (mechanism.Equals("PBEwithSHA-1and2-keyDESEDE-CBC"))
{
parameters = generator.GenerateDerivedParameters("DESEDE", 128, 64);
}
else if (mechanism.Equals("PBEwithSHA-1and128bitRC2-CBC"))
{
parameters = generator.GenerateDerivedParameters("RC2", 128, 64);
}
else if (mechanism.Equals("PBEwithSHA-1and40bitRC2-CBC"))
{
parameters = generator.GenerateDerivedParameters("RC2", 40, 64);
}
else if (mechanism.Equals("PBEwithSHA-1andDES-CBC"))
{
parameters = generator.GenerateDerivedParameters("DES", 64, 64);
}
else if (mechanism.Equals("PBEwithSHA-1andRC2-CBC"))
{
parameters = generator.GenerateDerivedParameters("RC2", 64, 64);
}
else if (mechanism.Equals("PBEwithSHA-1and128bitAES-CBC-BC"))
{
parameters = generator.GenerateDerivedParameters("AES", 128, 128);
}
else if (mechanism.Equals("PBEwithSHA-1and192bitAES-CBC-BC"))
{
parameters = generator.GenerateDerivedParameters("AES", 192, 128);
}
else if (mechanism.Equals("PBEwithSHA-1and256bitAES-CBC-BC"))
{
parameters = generator.GenerateDerivedParameters("AES", 256, 128);
}
}
else if (mechanism.StartsWith("PBEwithSHA-256"))
{
PbeParametersGenerator generator = MakePbeGenerator(
(string)algorithmType[mechanism], new Sha256Digest(), keyBytes, salt, iterationCount);
if (mechanism.Equals("PBEwithSHA-256and128bitAES-CBC-BC"))
{
parameters = generator.GenerateDerivedParameters("AES", 128, 128);
}
else if (mechanism.Equals("PBEwithSHA-256and192bitAES-CBC-BC"))
{
parameters = generator.GenerateDerivedParameters("AES", 192, 128);
}
else if (mechanism.Equals("PBEwithSHA-256and256bitAES-CBC-BC"))
{
parameters = generator.GenerateDerivedParameters("AES", 256, 128);
}
}
else if (mechanism.StartsWith("PBEwithMD5"))
{
PbeParametersGenerator generator = MakePbeGenerator(
(string)algorithmType[mechanism], new MD5Digest(), keyBytes, salt, iterationCount);
if (mechanism.Equals("PBEwithMD5andDES-CBC"))
{
parameters = generator.GenerateDerivedParameters("DES", 64, 64);
}
else if (mechanism.Equals("PBEwithMD5andRC2-CBC"))
{
parameters = generator.GenerateDerivedParameters("RC2", 64, 64);
}
else if (mechanism.Equals("PBEwithMD5and128bitAES-CBC-OpenSSL"))
{
parameters = generator.GenerateDerivedParameters("AES", 128, 128);
}
else if (mechanism.Equals("PBEwithMD5and192bitAES-CBC-OpenSSL"))
{
parameters = generator.GenerateDerivedParameters("AES", 192, 128);
}
else if (mechanism.Equals("PBEwithMD5and256bitAES-CBC-OpenSSL"))
{
parameters = generator.GenerateDerivedParameters("AES", 256, 128);
}
}
else if (mechanism.StartsWith("PBEwithMD2"))
{
PbeParametersGenerator generator = MakePbeGenerator(
(string)algorithmType[mechanism], new MD2Digest(), keyBytes, salt, iterationCount);
if (mechanism.Equals("PBEwithMD2andDES-CBC"))
{
parameters = generator.GenerateDerivedParameters("DES", 64, 64);
}
else if (mechanism.Equals("PBEwithMD2andRC2-CBC"))
{
parameters = generator.GenerateDerivedParameters("RC2", 64, 64);
}
}
else if (mechanism.StartsWith("PBEwithHmac"))
{
string digestName = mechanism.Substring("PBEwithHmac".Length);
IDigest digest = DigestUtilities.GetDigest(digestName);
PbeParametersGenerator generator = MakePbeGenerator(
(string)algorithmType[mechanism], digest, keyBytes, salt, iterationCount);
int bitLen = digest.GetDigestSize() * 8;
parameters = generator.GenerateDerivedMacParameters(bitLen);
}
Array.Clear(keyBytes, 0, keyBytes.Length);
return(FixDesParity(mechanism, parameters));
}
public override void PerformTest()
{
char[] password = "******".ToCharArray();
PbeParametersGenerator generator = new Pkcs5S2ParametersGenerator();
EncryptedPrivateKeyInfo info = null;
try
{
info = EncryptedPrivateKeyInfo.GetInstance(Asn1Object.FromByteArray(sample));
}
catch (System.Exception e)
{
Fail("failed construction - exception " + e.ToString(), e);
}
PbeS2Parameters alg = PbeS2Parameters.GetInstance(info.EncryptionAlgorithm.Parameters);
Pbkdf2Params func = Pbkdf2Params.GetInstance(alg.KeyDerivationFunc.Parameters);
EncryptionScheme scheme = alg.EncryptionScheme;
if (func.KeyLength != null)
{
keySize = func.KeyLength.IntValue * 8;
}
int iterationCount = func.IterationCount.IntValue;
byte[] salt = func.GetSalt();
generator.Init(PbeParametersGenerator.Pkcs5PasswordToBytes(password), salt, iterationCount);
DerObjectIdentifier algOid = scheme.ObjectID;
byte[] iv;
if (algOid.Equals(PkcsObjectIdentifiers.RC2Cbc))
{
RC2CbcParameter rc2Params = RC2CbcParameter.GetInstance(scheme.Asn1Object);
iv = rc2Params.GetIV();
}
else
{
iv = ((Asn1OctetString)scheme.Asn1Object).GetOctets();
}
ICipherParameters param = new ParametersWithIV(
generator.GenerateDerivedParameters(algOid.Id, keySize), iv);
cipher.Init(false, param);
byte[] data = info.GetEncryptedData();
byte[] outBytes = new byte[cipher.GetOutputSize(data.Length)];
int len = cipher.ProcessBytes(data, 0, data.Length, outBytes, 0);
try
{
len += cipher.DoFinal(outBytes, len);
}
catch (Exception e)
{
Fail("failed DoFinal - exception " + e.ToString());
}
if (result.Length != len)
{
Fail("failed length");
}
for (int i = 0; i != len; i++)
{
if (outBytes[i] != result[i])
{
Fail("failed comparison");
}
}
}
