internal void Encode(AsnWriter writer, Asn1Tag tag)
{
writer.PushSequence(tag);
// DEFAULT value handler for HashAlgorithm.
{
using (AsnWriter tmp = new AsnWriter(AsnEncodingRules.DER))
{
HashAlgorithm.Encode(tmp);
ReadOnlySpan <byte> encoded = tmp.EncodeAsSpan();
if (!encoded.SequenceEqual(DefaultHashAlgorithm))
{
writer.WriteEncodedValue(encoded);
}
}
}
writer.WriteOctetString(Hash.Span);
if (IssuerSerial.HasValue)
{
IssuerSerial.Value.Encode(writer);
}
writer.PopSequence(tag);
}
internal void Encode(AsnWriter writer, Asn1Tag tag)
{
writer.PushSequence(tag);
writer.WriteInteger(Version);
writer.PushSequence(new Asn1Tag(TagClass.ContextSpecific, 0));
Originator.Encode(writer);
writer.PopSequence(new Asn1Tag(TagClass.ContextSpecific, 0));
if (Ukm.HasValue)
{
writer.PushSequence(new Asn1Tag(TagClass.ContextSpecific, 1));
writer.WriteOctetString(Ukm.Value.Span);
writer.PopSequence(new Asn1Tag(TagClass.ContextSpecific, 1));
}
KeyEncryptionAlgorithm.Encode(writer);
writer.PushSequence();
for (int i = 0; i < RecipientEncryptedKeys.Length; i++)
{
RecipientEncryptedKeys[i].Encode(writer);
}
writer.PopSequence();
writer.PopSequence(tag);
}
internal void Encode(AsnWriter writer, Asn1Tag tag)
{
writer.PushSequence(tag);
Algorithm.Encode(writer);
writer.WriteBitString(PublicKey.Span);
writer.PopSequence(tag);
}
internal void Encode(AsnWriter writer, Asn1Tag tag)
{
writer.PushSequence(tag);
HashAlgorithm.Encode(writer);
writer.WriteOctetString(HashedMessage.Span);
writer.PopSequence(tag);
}
internal void Encode(AsnWriter writer, Asn1Tag tag)
{
writer.PushSequence(tag);
writer.WriteInteger(Version);
Rid.Encode(writer);
KeyEncryptionAlgorithm.Encode(writer);
writer.WriteOctetString(EncryptedKey.Span);
writer.PopSequence(tag);
}
public void Encode(AsnWriter writer)
{
writer.PushSequence();
DigestAlgorithm.Encode(writer);
if (SignatureAlgorithm != null)
{
SignatureAlgorithm.Value.Encode(writer, new Asn1Tag(TagClass.ContextSpecific, 1));
}
else
{
MacAlgorithm.Value.Encode(writer, new Asn1Tag(TagClass.ContextSpecific, 2));
}
writer.PopSequence();
}
internal void Encode(AsnWriter writer, Asn1Tag tag)
{
writer.PushSequence(tag);
writer.WriteInteger(Version);
Sid.Encode(writer);
DigestAlgorithm.Encode(writer);
if (SignedAttributes.HasValue)
{
// Validator for tag constraint for SignedAttributes
{
if (!Asn1Tag.TryDecode(SignedAttributes.Value.Span, out Asn1Tag validateTag, out _) ||
!validateTag.HasSameClassAndValue(new Asn1Tag(TagClass.ContextSpecific, 0)))
{
throw new CryptographicException();
}
}
writer.WriteEncodedValue(SignedAttributes.Value.Span);
}
SignatureAlgorithm.Encode(writer);
writer.WriteOctetString(SignatureValue.Span);
if (UnsignedAttributes != null)
{
writer.PushSetOf(new Asn1Tag(TagClass.ContextSpecific, 1));
for (int i = 0; i < UnsignedAttributes.Length; i++)
{
UnsignedAttributes[i].Encode(writer);
}
writer.PopSetOf(new Asn1Tag(TagClass.ContextSpecific, 1));
}
else
{
writer.WriteByte(161);
writer.WriteByte(0);
}
writer.PopSequence(tag);
}
public override byte[] GetSignatureAlgorithmIdentifier(HashAlgorithmName hashAlgorithm)
{
// If we ever support options in PSS (like MGF-2, if such an MGF is ever invented)
// Or, more reasonably, supporting a custom value for the salt size.
if (_padding != RSASignaturePadding.Pss)
{
throw new CryptographicException(SR.Cryptography_InvalidPaddingMode);
}
uint cbSalt;
string digestOid;
if (hashAlgorithm == HashAlgorithmName.SHA256)
{
cbSalt = 256 / 8;
digestOid = Oids.Sha256;
}
else if (hashAlgorithm == HashAlgorithmName.SHA384)
{
cbSalt = 384 / 8;
digestOid = Oids.Sha384;
}
else if (hashAlgorithm == HashAlgorithmName.SHA512)
{
cbSalt = 512 / 8;
digestOid = Oids.Sha512;
}
else
{
throw new ArgumentOutOfRangeException(
nameof(hashAlgorithm),
hashAlgorithm,
SR.Format(SR.Cryptography_UnknownHashAlgorithm, hashAlgorithm.Name));
}
// RFC 5754 says that the NULL for SHA2 (256/384/512) MUST be omitted
// (https://tools.ietf.org/html/rfc5754#section-2) (and that you MUST
// be able to read it even if someone wrote it down)
//
// Since we
// * don't support SHA-1 in this class
// * only support MGF-1
// * don't support the MGF PRF being different than hashAlgorithm
// * use saltLength==hashLength
// * don't allow custom trailer
// we don't have to worry about any of the DEFAULTs. (specify, specify, specify, omit).
PssParamsAsn parameters = new PssParamsAsn
{
HashAlgorithm = new AlgorithmIdentifierAsn {
Algorithm = new Oid(digestOid)
},
MaskGenAlgorithm = new AlgorithmIdentifierAsn {
Algorithm = new Oid(Oids.Mgf1)
},
SaltLength = cbSalt,
TrailerField = 1,
};
using (AsnWriter mgfParamWriter = new AsnWriter(AsnEncodingRules.DER))
{
mgfParamWriter.PushSequence();
mgfParamWriter.WriteObjectIdentifier(digestOid);
mgfParamWriter.PopSequence();
parameters.MaskGenAlgorithm.Parameters = mgfParamWriter.Encode();
}
using (AsnWriter parametersWriter = new AsnWriter(AsnEncodingRules.DER))
using (AsnWriter identifierWriter = new AsnWriter(AsnEncodingRules.DER))
{
parameters.Encode(parametersWriter);
AlgorithmIdentifierAsn identifier = new AlgorithmIdentifierAsn
{
Algorithm = new Oid(Oids.RsaPss),
Parameters = parametersWriter.Encode(),
};
identifier.Encode(identifierWriter);
return(identifierWriter.Encode());
}
}
