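/// <summary>
        /// Return a verifier factory for an RSA public key, choosing RSASSA-PSS or PKCS#1 v1.5
        /// from <paramref name="signatureAlgorithmID"/>.
        /// </summary>
        /// <remarks>
        /// Both algorithm identifiers normally come from the structure being verified, so they are
        /// treated as untrusted: every object identifier must resolve to a known digest and the
        /// PSS mask generation function must be MGF1, otherwise the call is rejected with an
        /// <see cref="ArgumentException"/> instead of passing a null digest to the verifier service.
        /// Only the key held in the <c>publicKey</c> member is used; keys that are not RSA are rejected.
        /// </remarks>
        /// <param name="signatureAlgorithmID">The signature algorithm identifier, including any PSS parameters.</param>
        /// <param name="digestAlgorithmID">The digest algorithm identifier; read only when the signature algorithm is the bare rsaEncryption OID.</param>
        /// <returns>A new verifier factory.</returns>
        /// <exception cref="ArgumentException">If the key is not RSA, or an algorithm, digest or mask generation function cannot be matched.</exception>
        public IVerifierFactory <AlgorithmIdentifier> CreateVerifierFactory(AlgorithmIdentifier signatureAlgorithmID, AlgorithmIdentifier digestAlgorithmID)
        {
            if (signatureAlgorithmID == null)
            {
                throw new ArgumentNullException("signatureAlgorithmID");
            }

            AsymmetricRsaPublicKey rsaKey = publicKey as AsymmetricRsaPublicKey;

            if (rsaKey != null)
            {
                IVerifierFactoryService verifierService = CryptoServicesRegistrar.CreateService(rsaKey);

                if (signatureAlgorithmID.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss))
                {
                    RsassaPssParameters sigParams = RsassaPssParameters.GetInstance(signatureAlgorithmID.Parameters);

                    if (sigParams == null)
                    {
                        throw new ArgumentException("RSASSA-PSS parameters missing for signature algorithm: " + signatureAlgorithmID.Algorithm);
                    }

                    // An unknown hash OID must be rejected here, not handed on as a null digest.
                    object hashEntry = Utils.digestTable[sigParams.HashAlgorithm.Algorithm];

                    if (hashEntry == null)
                    {
                        throw new ArgumentException("cannot match digest algorithm: " + sigParams.HashAlgorithm.Algorithm);
                    }

                    // The MGF parameters are only a digest identifier when the function is MGF1.
                    AlgorithmIdentifier mgfAlg = AlgorithmIdentifier.GetInstance(sigParams.MaskGenAlgorithm);

                    if (mgfAlg == null || !PkcsObjectIdentifiers.IdMgf1.Equals(mgfAlg.Algorithm))
                    {
                        throw new ArgumentException("unsupported mask generation function in RSASSA-PSS parameters");
                    }

                    AlgorithmIdentifier mgfDigAlg = AlgorithmIdentifier.GetInstance(mgfAlg.Parameters);

                    if (mgfDigAlg == null)
                    {
                        throw new ArgumentException("MGF1 digest missing from RSASSA-PSS parameters");
                    }

                    object mgfHashEntry = Utils.digestTable[mgfDigAlg.Algorithm];

                    if (mgfHashEntry == null)
                    {
                        throw new ArgumentException("cannot match MGF1 digest algorithm: " + mgfDigAlg.Algorithm);
                    }

                    // NOTE(review): the trailer field of the PSS parameters is not examined here - confirm
                    // that the three-argument overload or the verifier service rejects non-default values.
                    FipsRsa.PssSignatureParameters pssParams = FipsRsa.Pss
                        .WithDigest((FipsDigestAlgorithm)hashEntry)
                        .WithMgfDigest((FipsDigestAlgorithm)mgfHashEntry)
                        .WithSaltLength(sigParams.SaltLength.Value.IntValue);

                    return(CreateVerifierFactory(signatureAlgorithmID, verifierService.CreateVerifierFactory(pssParams), certificate));
                }
                else if (PkixVerifierFactoryProvider.pkcs1Table.Contains(signatureAlgorithmID.Algorithm))
                {
                    // The signature OID itself names the digest (an "xWithRSAEncryption" style identifier).
                    FipsRsa.SignatureParameters rsaParams = FipsRsa.Pkcs1v15.WithDigest((FipsDigestAlgorithm)PkixVerifierFactoryProvider.pkcs1Table[signatureAlgorithmID.Algorithm]);

                    return(CreateVerifierFactory(signatureAlgorithmID, verifierService.CreateVerifierFactory(rsaParams), certificate));
                }
                else if (signatureAlgorithmID.Algorithm.Equals(PkcsObjectIdentifiers.RsaEncryption))
                {
                    // Bare rsaEncryption carries no digest, so it has to come from digestAlgorithmID.
                    if (digestAlgorithmID == null)
                    {
                        throw new ArgumentNullException("digestAlgorithmID");
                    }

                    object digestEntry = Utils.digestTable[digestAlgorithmID.Algorithm];

                    if (digestEntry == null)
                    {
                        throw new ArgumentException("cannot match digest algorithm: " + digestAlgorithmID.Algorithm);
                    }

                    FipsRsa.SignatureParameters rsaParams = FipsRsa.Pkcs1v15.WithDigest((FipsDigestAlgorithm)digestEntry);

                    return(CreateVerifierFactory(signatureAlgorithmID, verifierService.CreateVerifierFactory(rsaParams), certificate));
                }
            }

            throw new ArgumentException("cannot match signature algorithm: " + signatureAlgorithmID.Algorithm);
        }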
Example #2
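        /// <summary>
        /// Return a verifier factory that produces verifiers conforming to algorithmDetails.
        /// </summary>
        /// <remarks>
        /// The key type held in the <c>publicKey</c> member (RSA, DSA, EC or SPHINCS) selects the
        /// verifier service; <paramref name="algorithmDetails"/> then selects the parameters.
        /// The identifier normally comes from the structure being verified, so it is treated as
        /// untrusted: an object identifier that does not resolve to known parameters is rejected
        /// with an <see cref="ArgumentException"/> instead of being passed on as null.
        /// </remarks>
        /// <param name="algorithmDetails">The configuration parameters for verifiers produced by the resulting factory.</param>
        /// <returns>A new verifier factory.</returns>
        /// <exception cref="ArgumentException">If the key type or the signature algorithm cannot be matched.</exception>
        public IVerifierFactory <AlgorithmIdentifier> CreateVerifierFactory(AlgorithmIdentifier algorithmDetails)
        {
            if (algorithmDetails == null)
            {
                throw new ArgumentNullException("algorithmDetails");
            }

            AsymmetricRsaPublicKey rsaKey = publicKey as AsymmetricRsaPublicKey;

            if (rsaKey != null)
            {
                IVerifierFactoryService verifierService = CryptoServicesRegistrar.CreateService(rsaKey);

                if (algorithmDetails.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss))
                {
                    RsassaPssParameters pssAsn1 = RsassaPssParameters.GetInstance(algorithmDetails.Parameters);

                    if (pssAsn1 == null)
                    {
                        throw new ArgumentException("RSASSA-PSS parameters missing for signature algorithm: " + algorithmDetails.Algorithm);
                    }

                    // An unknown hash OID must be rejected here, not handed on as a null digest.
                    object hashEntry = Utils.digestTable[pssAsn1.HashAlgorithm.Algorithm];

                    if (hashEntry == null)
                    {
                        throw new ArgumentException("cannot match digest algorithm: " + pssAsn1.HashAlgorithm.Algorithm);
                    }

                    // The MGF parameters are only a digest identifier when the function is MGF1.
                    AlgorithmIdentifier mgfAlg = AlgorithmIdentifier.GetInstance(pssAsn1.MaskGenAlgorithm);

                    if (mgfAlg == null || !PkcsObjectIdentifiers.IdMgf1.Equals(mgfAlg.Algorithm))
                    {
                        throw new ArgumentException("unsupported mask generation function in RSASSA-PSS parameters");
                    }

                    AlgorithmIdentifier mgfDigAlg = AlgorithmIdentifier.GetInstance(mgfAlg.Parameters);

                    if (mgfDigAlg == null)
                    {
                        throw new ArgumentException("MGF1 digest missing from RSASSA-PSS parameters");
                    }

                    object mgfHashEntry = Utils.digestTable[mgfDigAlg.Algorithm];

                    if (mgfHashEntry == null)
                    {
                        throw new ArgumentException("cannot match MGF1 digest algorithm: " + mgfDigAlg.Algorithm);
                    }

                    // NOTE(review): the trailer field of the PSS parameters is not examined here - confirm
                    // that the three-argument overload or the verifier service rejects non-default values.
                    FipsRsa.PssSignatureParameters pssParams = FipsRsa.Pss
                        .WithDigest((FipsDigestAlgorithm)hashEntry)
                        .WithMgfDigest((FipsDigestAlgorithm)mgfHashEntry)
                        .WithSaltLength(pssAsn1.SaltLength.Value.IntValue);

                    return(CreateVerifierFactory(algorithmDetails, verifierService.CreateVerifierFactory(pssParams), certificate));
                }
                else if (pkcs1Table.Contains(algorithmDetails.Algorithm))
                {
                    // The signature OID itself names the digest used with PKCS#1 v1.5.
                    FipsRsa.SignatureParameters rsaParams = FipsRsa.Pkcs1v15.WithDigest((FipsDigestAlgorithm)pkcs1Table[algorithmDetails.Algorithm]);

                    return(CreateVerifierFactory(algorithmDetails, verifierService.CreateVerifierFactory(rsaParams), certificate));
                }

                // An RSA key with any other signature OID falls through to the final throw.
            }

            AsymmetricDsaPublicKey dsaKey = publicKey as AsymmetricDsaPublicKey;

            if (dsaKey != null)
            {
                IVerifierFactoryService verifierService = CryptoServicesRegistrar.CreateService(dsaKey);

                // Reject signature OIDs that are not DSA variants before building the verifier.
                object dsaEntry = dsaTable[algorithmDetails.Algorithm];

                if (dsaEntry == null)
                {
                    throw new ArgumentException("cannot match signature algorithm: " + algorithmDetails.Algorithm);
                }

                FipsDsa.SignatureParameters dsaParams = (FipsDsa.SignatureParameters)dsaEntry;

                return(CreateVerifierFactory(algorithmDetails, verifierService.CreateVerifierFactory(dsaParams), certificate));
            }

            AsymmetricECPublicKey ecdsaKey = publicKey as AsymmetricECPublicKey;

            if (ecdsaKey != null)
            {
                IVerifierFactoryService verifierService = CryptoServicesRegistrar.CreateService(ecdsaKey);

                // Reject signature OIDs that are not ECDSA variants before building the verifier.
                object ecdsaEntry = ecdsaTable[algorithmDetails.Algorithm];

                if (ecdsaEntry == null)
                {
                    throw new ArgumentException("cannot match signature algorithm: " + algorithmDetails.Algorithm);
                }

                FipsEC.SignatureParameters ecdsaParams = (FipsEC.SignatureParameters)ecdsaEntry;

                return(CreateVerifierFactory(algorithmDetails, verifierService.CreateVerifierFactory(ecdsaParams), certificate));
            }

            AsymmetricSphincsPublicKey sphincsKey = publicKey as AsymmetricSphincsPublicKey;

            if (sphincsKey != null)
            {
                IVerifierFactoryService verifierService = CryptoServicesRegistrar.CreateService(sphincsKey);
                if (algorithmDetails.Algorithm.Equals(BCObjectIdentifiers.sphincs256_with_SHA512))
                {
                    return(CreateVerifierFactory(algorithmDetails, verifierService.CreateVerifierFactory(Sphincs.Sphincs256), certificate));
                }
                else
                {
                    // NOTE(review): every other OID, including ones unrelated to SPHINCS, is verified as
                    // SPHINCS-256 with SHA3-512. Matching the SHA3-512 identifier explicitly and throwing
                    // otherwise would keep the declared algorithm and the one actually used in agreement.
                    return(CreateVerifierFactory(algorithmDetails, verifierService.CreateVerifierFactory(Sphincs.Sphincs256.WithDigest(FipsShs.Sha3_512)), certificate));
                }
            }

            throw new ArgumentException("cannot match signature algorithm");
        }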