private SymmetricAlgorithm GetSymmetricAlgorithm (string algorithmOid, byte[] salt, int iterationCount)
{
string algorithm = null;
int keyLength = 8; // 64 bits (default)
int ivLength = 8; // 64 bits (default)
PKCS12.DeriveBytes pd = new PKCS12.DeriveBytes ();
pd.Password = _password;
pd.Salt = salt;
pd.IterationCount = iterationCount;
switch (algorithmOid) {
case PKCS5.pbeWithMD2AndDESCBC: // no unit test available
pd.HashName = "MD2";
algorithm = "DES";
break;
case PKCS5.pbeWithMD5AndDESCBC: // no unit test available
pd.HashName = "MD5";
algorithm = "DES";
break;
case PKCS5.pbeWithMD2AndRC2CBC: // no unit test available
// TODO - RC2-CBC-Parameter (PKCS5)
// if missing default to 32 bits !!!
pd.HashName = "MD2";
algorithm = "RC2";
keyLength = 4; // default
break;
case PKCS5.pbeWithMD5AndRC2CBC: // no unit test available
// TODO - RC2-CBC-Parameter (PKCS5)
// if missing default to 32 bits !!!
pd.HashName = "MD5";
algorithm = "RC2";
keyLength = 4; // default
break;
case PKCS5.pbeWithSHA1AndDESCBC: // no unit test available
pd.HashName = "SHA1";
algorithm = "DES";
break;
case PKCS5.pbeWithSHA1AndRC2CBC: // no unit test available
// TODO - RC2-CBC-Parameter (PKCS5)
// if missing default to 32 bits !!!
pd.HashName = "SHA1";
algorithm = "RC2";
keyLength = 4; // default
break;
case PKCS12.pbeWithSHAAnd128BitRC4: // no unit test available
pd.HashName = "SHA1";
algorithm = "RC4";
keyLength = 16;
ivLength = 0; // N/A
break;
case PKCS12.pbeWithSHAAnd40BitRC4: // no unit test available
pd.HashName = "SHA1";
algorithm = "RC4";
keyLength = 5;
ivLength = 0; // N/A
break;
case PKCS12.pbeWithSHAAnd3KeyTripleDESCBC:
pd.HashName = "SHA1";
algorithm = "TripleDES";
keyLength = 24;
break;
case PKCS12.pbeWithSHAAnd2KeyTripleDESCBC: // no unit test available
pd.HashName = "SHA1";
algorithm = "TripleDES";
keyLength = 16;
break;
case PKCS12.pbeWithSHAAnd128BitRC2CBC: // no unit test available
pd.HashName = "SHA1";
algorithm = "RC2";
keyLength = 16;
break;
case PKCS12.pbeWithSHAAnd40BitRC2CBC:
pd.HashName = "SHA1";
algorithm = "RC2";
keyLength = 5;
break;
default:
throw new NotSupportedException ("unknown oid " + algorithm);
}
SymmetricAlgorithm sa = null;
sa = SymmetricAlgorithm.Create(algorithm);
sa.Key = pd.DeriveKey (keyLength);
// IV required only for block ciphers (not stream ciphers)
if (ivLength > 0) {
sa.IV = pd.DeriveIV (ivLength);
sa.Mode = CipherMode.CBC;
}
return sa;
}
private byte[] MAC (byte[] password, byte[] salt, int iterations, byte[] data)
{
PKCS12.DeriveBytes pd = new PKCS12.DeriveBytes ();
pd.HashName = "SHA1";
pd.Password = password;
pd.Salt = salt;
pd.IterationCount = iterations;
HMACSHA1 hmac = (HMACSHA1) HMACSHA1.Create ();
hmac.Key = pd.DeriveMAC (20);
return hmac.ComputeHash (data, 0, data.Length);
}
