internal static AlgorithmIdentifier GetSigAlgID(
IParameters <Algorithm> algDetails)
{
AlgorithmIdentifier algId = null;
FipsRsa.SignatureParameters rsaParams = algDetails as FipsRsa.SignatureParameters;
if (rsaParams != null)
{
if (rsaParams.Algorithm == FipsRsa.Pkcs1v15.Algorithm)
{
algId = (AlgorithmIdentifier)rsaPkcs1Table[rsaParams.DigestAlgorithm];
}
if (algId != null)
{
return(algId);
}
}
FipsRsa.PssSignatureParameters rsaPssParams = algDetails as FipsRsa.PssSignatureParameters;
if (rsaPssParams != null)
{
if (rsaPssParams.DigestAlgorithm == rsaPssParams.MgfDigestAlgorithm)
{
AlgorithmIdentifier digAlgId = (AlgorithmIdentifier)pssTable[rsaPssParams.DigestAlgorithm];
if (digAlgId != null)
{
return(new AlgorithmIdentifier(PkcsObjectIdentifiers.IdRsassaPss, new RsassaPssParameters(digAlgId,
new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, digAlgId), new DerInteger(rsaPssParams.SaltLength), new DerInteger(1))));
}
}
}
FipsEC.SignatureParameters ecParams = algDetails as FipsEC.SignatureParameters;
if (ecParams != null)
{
algId = (AlgorithmIdentifier)ecdsaTable[ecParams.DigestAlgorithm];
if (algId != null)
{
return(algId);
}
}
FipsDsa.SignatureParameters dsaParams = algDetails as FipsDsa.SignatureParameters;
if (dsaParams != null)
{
algId = (AlgorithmIdentifier)dsaTable[dsaParams.DigestAlgorithm];
if (algId != null)
{
return(algId);
}
}
EC.SignatureParameters genEcParams = algDetails as EC.SignatureParameters;
if (genEcParams != null)
{
algId = (AlgorithmIdentifier)ecdsaTable[genEcParams.DigestAlgorithm];
if (algId != null)
{
return(algId);
}
}
Dsa.SignatureParameters genDsaParams = algDetails as Dsa.SignatureParameters;
if (genDsaParams != null)
{
algId = (AlgorithmIdentifier)dsaTable[genDsaParams.DigestAlgorithm];
if (algId != null)
{
return(algId);
}
}
Sphincs.SignatureParameters genSphincsParams = algDetails as Sphincs.SignatureParameters;
if (genSphincsParams != null)
{
if (genSphincsParams.DigestAlgorithm == FipsShs.Sha512)
{
return(new AlgorithmIdentifier(BCObjectIdentifiers.sphincs256_with_SHA512));
}
else
{
return(new AlgorithmIdentifier(BCObjectIdentifiers.sphincs256_with_SHA3_512));
}
}
throw new ArgumentException("unknown signature algorithm");
}
/// <summary>
/// Return a verifier factory that produces verifiers conforming to algorithmDetails.
/// </summary>
/// <param name="algorithmDetails">The configuration parameters for verifiers produced by the resulting factory.</param>
/// <returns>A new verifier factory.</returns>
public IVerifierFactory <AlgorithmIdentifier> CreateVerifierFactory(AlgorithmIdentifier algorithmDetails)
{
AsymmetricRsaPublicKey rsaKey = publicKey as AsymmetricRsaPublicKey;
if (rsaKey != null)
{
IVerifierFactoryService verifierService = CryptoServicesRegistrar.CreateService(rsaKey);
if (algorithmDetails.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss))
{
FipsRsa.PssSignatureParameters pssParams = FipsRsa.Pss;
RsassaPssParameters sigParams = RsassaPssParameters.GetInstance(algorithmDetails.Parameters);
pssParams = pssParams.WithDigest((FipsDigestAlgorithm)Utils.digestTable[sigParams.HashAlgorithm.Algorithm]);
AlgorithmIdentifier mgfDigAlg = AlgorithmIdentifier.GetInstance(AlgorithmIdentifier.GetInstance(sigParams.MaskGenAlgorithm).Parameters);
pssParams = pssParams.WithMgfDigest((FipsDigestAlgorithm)Utils.digestTable[mgfDigAlg.Algorithm]);
pssParams = pssParams.WithSaltLength(sigParams.SaltLength.Value.IntValue);
return(CreateVerifierFactory(algorithmDetails, verifierService.CreateVerifierFactory(pssParams), certificate));
}
else if (pkcs1Table.Contains(algorithmDetails.Algorithm))
{
FipsRsa.SignatureParameters rsaParams = FipsRsa.Pkcs1v15.WithDigest((FipsDigestAlgorithm)pkcs1Table[algorithmDetails.Algorithm]);
return(CreateVerifierFactory(algorithmDetails, verifierService.CreateVerifierFactory(rsaParams), certificate));
}
}
AsymmetricDsaPublicKey dsaKey = publicKey as AsymmetricDsaPublicKey;
if (dsaKey != null)
{
IVerifierFactoryService verifierService = CryptoServicesRegistrar.CreateService(dsaKey);
FipsDsa.SignatureParameters sigParams = (FipsDsa.SignatureParameters)dsaTable[algorithmDetails.Algorithm];
return(CreateVerifierFactory(algorithmDetails, verifierService.CreateVerifierFactory(sigParams), certificate));
}
AsymmetricECPublicKey ecdsaKey = publicKey as AsymmetricECPublicKey;
if (ecdsaKey != null)
{
IVerifierFactoryService verifierService = CryptoServicesRegistrar.CreateService(ecdsaKey);
FipsEC.SignatureParameters sigParams = (FipsEC.SignatureParameters)ecdsaTable[algorithmDetails.Algorithm];
return(CreateVerifierFactory(algorithmDetails, verifierService.CreateVerifierFactory(sigParams), certificate));
}
AsymmetricSphincsPublicKey sphincsKey = publicKey as AsymmetricSphincsPublicKey;
if (sphincsKey != null)
{
IVerifierFactoryService verifierService = CryptoServicesRegistrar.CreateService(sphincsKey);
if (algorithmDetails.Algorithm.Equals(BCObjectIdentifiers.sphincs256_with_SHA512))
{
return(CreateVerifierFactory(algorithmDetails, verifierService.CreateVerifierFactory(Sphincs.Sphincs256), certificate));
}
else
{
return(CreateVerifierFactory(algorithmDetails, verifierService.CreateVerifierFactory(Sphincs.Sphincs256.WithDigest(FipsShs.Sha3_512)), certificate));
}
}
throw new ArgumentException("cannot match signature algorithm");
}
