private bool DoVerify(
AsymmetricKeyParameter key)
{
string digestName = Helper.GetDigestAlgName(this.DigestAlgOid);
IDigest digest = Helper.GetDigestInstance(digestName);
DerObjectIdentifier sigAlgOid = this.encryptionAlgorithm.ObjectID;
Asn1Encodable sigParams = this.encryptionAlgorithm.Parameters;
ISigner sig;
if (sigAlgOid.Equals(Asn1.Pkcs.PkcsObjectIdentifiers.IdRsassaPss))
{
// RFC 4056 2.2
// When the id-RSASSA-PSS algorithm identifier is used for a signature,
// the AlgorithmIdentifier parameters field MUST contain RSASSA-PSS-params.
if (sigParams == null)
{
throw new CmsException("RSASSA-PSS signature must specify algorithm parameters");
}
try
{
// TODO Provide abstract configuration mechanism
// (via alternate SignerUtilities.GetSigner method taking ASN.1 params)
Asn1.Pkcs.RsassaPssParameters pss = Asn1.Pkcs.RsassaPssParameters.GetInstance(
sigParams.ToAsn1Object());
if (!pss.HashAlgorithm.ObjectID.Equals(this.digestAlgorithm.ObjectID))
{
throw new CmsException("RSASSA-PSS signature parameters specified incorrect hash algorithm");
}
if (!pss.MaskGenAlgorithm.ObjectID.Equals(Asn1.Pkcs.PkcsObjectIdentifiers.IdMgf1))
{
throw new CmsException("RSASSA-PSS signature parameters specified unknown MGF");
}
IDigest pssDigest = DigestUtilities.GetDigest(pss.HashAlgorithm.ObjectID);
int saltLength = pss.SaltLength.Value.IntValue;
byte trailerField = (byte)pss.TrailerField.Value.IntValue;
// RFC 4055 3.1
// The value MUST be 1, which represents the trailer field with hexadecimal value 0xBC
if (trailerField != 1)
{
throw new CmsException("RSASSA-PSS signature parameters must have trailerField of 1");
}
sig = new PssSigner(new RsaBlindedEngine(), pssDigest, saltLength);
}
catch (Exception e)
{
throw new CmsException("failed to set RSASSA-PSS signature parameters", e);
}
}
else
{
// TODO Probably too strong a check at the moment
// if (sigParams != null)
// throw new CmsException("unrecognised signature parameters provided");
string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(this.EncryptionAlgOid);
sig = Helper.GetSignatureInstance(signatureName);
}
try
{
if (digestCalculator != null)
{
resultDigest = digestCalculator.GetDigest();
}
else
{
if (content != null)
{
content.Write(new DigOutputStream(digest));
}
else if (signedAttributeSet == null)
{
// TODO Get rid of this exception and just treat content==null as empty not missing?
throw new CmsException("data not encapsulated in signature - use detached constructor.");
}
resultDigest = DigestUtilities.DoFinal(digest);
}
}
catch (IOException e)
{
throw new CmsException("can't process mime object to create signature.", e);
}
// RFC 3852 11.1 Check the content-type attribute is correct
{
Asn1Object validContentType = GetSingleValuedSignedAttribute(
CmsAttributes.ContentType, "content-type");
if (validContentType == null)
{
if (!isCounterSignature && signedAttributeSet != null)
{
throw new CmsException("The content-type attribute type MUST be present whenever signed attributes are present in signed-data");
}
}
else
{
if (isCounterSignature)
{
throw new CmsException("[For counter signatures,] the signedAttributes field MUST NOT contain a content-type attribute");
}
if (!(validContentType is DerObjectIdentifier))
{
throw new CmsException("content-type attribute value not of ASN.1 type 'OBJECT IDENTIFIER'");
}
DerObjectIdentifier signedContentType = (DerObjectIdentifier)validContentType;
if (!signedContentType.Equals(contentType))
{
throw new CmsException("content-type attribute value does not match eContentType");
}
}
}
// RFC 3852 11.2 Check the message-digest attribute is correct
{
Asn1Object validMessageDigest = GetSingleValuedSignedAttribute(
CmsAttributes.MessageDigest, "message-digest");
if (validMessageDigest == null)
{
if (signedAttributeSet != null)
{
throw new CmsException("the message-digest signed attribute type MUST be present when there are any signed attributes present");
}
}
else
{
if (!(validMessageDigest is Asn1OctetString))
{
throw new CmsException("message-digest attribute value not of ASN.1 type 'OCTET STRING'");
}
Asn1OctetString signedMessageDigest = (Asn1OctetString)validMessageDigest;
if (!Arrays.AreEqual(resultDigest, signedMessageDigest.GetOctets()))
{
throw new CmsException("message-digest attribute value does not match calculated value");
}
}
}
// RFC 3852 11.4 Validate countersignature attribute(s)
{
Asn1.Cms.AttributeTable signedAttrTable = this.SignedAttributes;
if (signedAttrTable != null &&
signedAttrTable.GetAll(CmsAttributes.CounterSignature).Count > 0)
{
throw new CmsException("A countersignature attribute MUST NOT be a signed attribute");
}
Asn1.Cms.AttributeTable unsignedAttrTable = this.UnsignedAttributes;
if (unsignedAttrTable != null)
{
foreach (Asn1.Cms.Attribute csAttr in unsignedAttrTable.GetAll(CmsAttributes.CounterSignature))
{
if (csAttr.AttrValues.Count < 1)
{
throw new CmsException("A countersignature attribute MUST contain at least one AttributeValue");
}
// Note: We don't recursively validate the countersignature value
}
}
}
try
{
sig.Init(false, key);
if (signedAttributeSet == null)
{
if (digestCalculator != null)
{
// need to decrypt signature and check message bytes
return(VerifyDigest(resultDigest, key, this.GetSignature()));
}
else if (content != null)
{
// TODO Use raw signature of the hash value instead
content.Write(new SigOutputStream(sig));
}
}
else
{
byte[] tmp = this.GetEncodedSignedAttributes();
sig.BlockUpdate(tmp, 0, tmp.Length);
}
return(sig.VerifySignature(this.GetSignature()));
}
catch (InvalidKeyException e)
{
throw new CmsException("key not appropriate to signature in message.", e);
}
catch (IOException e)
{
throw new CmsException("can't process mime object to create signature.", e);
}
catch (SignatureException e)
{
throw new CmsException("invalid signature format in message: " + e.Message, e);
}
}
public static ISigner GetSigner(
string algorithm)
{
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
algorithm = Platform.ToUpperInvariant(algorithm);
string mechanism = (string)algorithms[algorithm];
if (mechanism == null)
{
mechanism = algorithm;
}
if (mechanism.Equals("RSA"))
{
return(new RsaDigestSigner(new NullDigest(), (AlgorithmIdentifier)null));
}
if (mechanism.Equals("MD2withRSA"))
{
return(new RsaDigestSigner(new MD2Digest()));
}
if (mechanism.Equals("MD4withRSA"))
{
return(new RsaDigestSigner(new MD4Digest()));
}
if (mechanism.Equals("MD5withRSA"))
{
return(new RsaDigestSigner(new MD5Digest()));
}
if (mechanism.Equals("SHA-1withRSA"))
{
return(new RsaDigestSigner(new Sha1Digest()));
}
if (mechanism.Equals("SHA-224withRSA"))
{
return(new RsaDigestSigner(new Sha224Digest()));
}
if (mechanism.Equals("SHA-256withRSA"))
{
return(new RsaDigestSigner(new Sha256Digest()));
}
if (mechanism.Equals("SHA-384withRSA"))
{
return(new RsaDigestSigner(new Sha384Digest()));
}
if (mechanism.Equals("SHA-512withRSA"))
{
return(new RsaDigestSigner(new Sha512Digest()));
}
if (mechanism.Equals("RIPEMD128withRSA"))
{
return(new RsaDigestSigner(new RipeMD128Digest()));
}
if (mechanism.Equals("RIPEMD160withRSA"))
{
return(new RsaDigestSigner(new RipeMD160Digest()));
}
if (mechanism.Equals("RIPEMD256withRSA"))
{
return(new RsaDigestSigner(new RipeMD256Digest()));
}
if (mechanism.Equals("RAWRSASSA-PSS"))
{
// TODO Add support for other parameter settings
return(PssSigner.CreateRawSigner(new RsaBlindedEngine(), new Sha1Digest()));
}
if (mechanism.Equals("PSSwithRSA"))
{
// TODO The Sha1Digest here is a default. In JCE version, the actual digest
// to be used can be overridden by subsequent parameter settings.
return(new PssSigner(new RsaBlindedEngine(), new Sha1Digest()));
}
if (mechanism.Equals("SHA-1withRSAandMGF1"))
{
return(new PssSigner(new RsaBlindedEngine(), new Sha1Digest()));
}
if (mechanism.Equals("SHA-224withRSAandMGF1"))
{
return(new PssSigner(new RsaBlindedEngine(), new Sha224Digest()));
}
if (mechanism.Equals("SHA-256withRSAandMGF1"))
{
return(new PssSigner(new RsaBlindedEngine(), new Sha256Digest()));
}
if (mechanism.Equals("SHA-384withRSAandMGF1"))
{
return(new PssSigner(new RsaBlindedEngine(), new Sha384Digest()));
}
if (mechanism.Equals("SHA-512withRSAandMGF1"))
{
return(new PssSigner(new RsaBlindedEngine(), new Sha512Digest()));
}
if (mechanism.Equals("NONEwithDSA"))
{
return(new DsaDigestSigner(new DsaSigner(), new NullDigest()));
}
if (mechanism.Equals("SHA-1withDSA"))
{
return(new DsaDigestSigner(new DsaSigner(), new Sha1Digest()));
}
if (mechanism.Equals("SHA-224withDSA"))
{
return(new DsaDigestSigner(new DsaSigner(), new Sha224Digest()));
}
if (mechanism.Equals("SHA-256withDSA"))
{
return(new DsaDigestSigner(new DsaSigner(), new Sha256Digest()));
}
if (mechanism.Equals("SHA-384withDSA"))
{
return(new DsaDigestSigner(new DsaSigner(), new Sha384Digest()));
}
if (mechanism.Equals("SHA-512withDSA"))
{
return(new DsaDigestSigner(new DsaSigner(), new Sha512Digest()));
}
if (mechanism.Equals("NONEwithECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new NullDigest()));
}
if (mechanism.Equals("SHA-1withECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new Sha1Digest()));
}
if (mechanism.Equals("SHA-224withECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new Sha224Digest()));
}
if (mechanism.Equals("SHA-256withECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new Sha256Digest()));
}
if (mechanism.Equals("SHA-384withECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new Sha384Digest()));
}
if (mechanism.Equals("SHA-512withECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new Sha512Digest()));
}
if (mechanism.Equals("RIPEMD160withECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new RipeMD160Digest()));
}
if (mechanism.Equals("SHA1WITHECNR"))
{
return(new DsaDigestSigner(new ECNRSigner(), new Sha1Digest()));
}
if (mechanism.Equals("SHA224WITHECNR"))
{
return(new DsaDigestSigner(new ECNRSigner(), new Sha224Digest()));
}
if (mechanism.Equals("SHA256WITHECNR"))
{
return(new DsaDigestSigner(new ECNRSigner(), new Sha256Digest()));
}
if (mechanism.Equals("SHA384WITHECNR"))
{
return(new DsaDigestSigner(new ECNRSigner(), new Sha384Digest()));
}
if (mechanism.Equals("SHA512WITHECNR"))
{
return(new DsaDigestSigner(new ECNRSigner(), new Sha512Digest()));
}
if (mechanism.Equals("GOST3410"))
{
return(new Gost3410DigestSigner(new Gost3410Signer(), new Gost3411Digest()));
}
if (mechanism.Equals("ECGOST3410"))
{
return(new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411Digest()));
}
if (mechanism.Equals("SHA1WITHRSA/ISO9796-2"))
{
return(new Iso9796d2Signer(new RsaBlindedEngine(), new Sha1Digest(), true));
}
if (mechanism.Equals("MD5WITHRSA/ISO9796-2"))
{
return(new Iso9796d2Signer(new RsaBlindedEngine(), new MD5Digest(), true));
}
if (mechanism.Equals("RIPEMD160WITHRSA/ISO9796-2"))
{
return(new Iso9796d2Signer(new RsaBlindedEngine(), new RipeMD160Digest(), true));
}
if (mechanism.EndsWith("/X9.31"))
{
string x931 = mechanism.Substring(0, mechanism.Length - "/X9.31".Length);
int withPos = x931.IndexOf("WITH");
if (withPos > 0)
{
int endPos = withPos + "WITH".Length;
string digestName = x931.Substring(0, withPos);
IDigest digest = DigestUtilities.GetDigest(digestName);
string cipherName = x931.Substring(endPos, x931.Length - endPos);
if (cipherName.Equals("RSA"))
{
IAsymmetricBlockCipher cipher = new RsaBlindedEngine();
return(new X931Signer(cipher, digest));
}
}
}
throw new SecurityUtilityException("Signer " + algorithm + " not recognised.");
}
private bool DoVerify(AsymmetricKeyParameter key)
{
//IL_019b: Expected O, but got Unknown
//IL_03a0: Expected O, but got Unknown
string digestAlgName = Helper.GetDigestAlgName(DigestAlgOid);
IDigest digestInstance = Helper.GetDigestInstance(digestAlgName);
DerObjectIdentifier algorithm = encryptionAlgorithm.Algorithm;
Asn1Encodable parameters = encryptionAlgorithm.Parameters;
ISigner signer;
if (algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss))
{
if (parameters == null)
{
throw new CmsException("RSASSA-PSS signature must specify algorithm parameters");
}
try
{
RsassaPssParameters instance = RsassaPssParameters.GetInstance(parameters.ToAsn1Object());
if (!instance.HashAlgorithm.Algorithm.Equals(digestAlgorithm.Algorithm))
{
throw new CmsException("RSASSA-PSS signature parameters specified incorrect hash algorithm");
}
if (!instance.MaskGenAlgorithm.Algorithm.Equals(PkcsObjectIdentifiers.IdMgf1))
{
throw new CmsException("RSASSA-PSS signature parameters specified unknown MGF");
}
IDigest digest = DigestUtilities.GetDigest(instance.HashAlgorithm.Algorithm);
int intValue = instance.SaltLength.Value.IntValue;
byte b = (byte)instance.TrailerField.Value.IntValue;
if (b != 1)
{
throw new CmsException("RSASSA-PSS signature parameters must have trailerField of 1");
}
signer = new PssSigner(new RsaBlindedEngine(), digest, intValue);
}
catch (global::System.Exception e)
{
throw new CmsException("failed to set RSASSA-PSS signature parameters", e);
}
}
else
{
string algorithm2 = digestAlgName + "with" + Helper.GetEncryptionAlgName(EncryptionAlgOid);
signer = Helper.GetSignatureInstance(algorithm2);
}
try
{
if (digestCalculator != null)
{
resultDigest = digestCalculator.GetDigest();
}
else
{
if (content != null)
{
content.Write((Stream)(object)new DigOutputStream(digestInstance));
}
else if (signedAttributeSet == null)
{
throw new CmsException("data not encapsulated in signature - use detached constructor.");
}
resultDigest = DigestUtilities.DoFinal(digestInstance);
}
}
catch (IOException val)
{
IOException e2 = val;
throw new CmsException("can't process mime object to create signature.", (global::System.Exception)(object) e2);
}
Asn1Object singleValuedSignedAttribute = GetSingleValuedSignedAttribute(CmsAttributes.ContentType, "content-type");
if (singleValuedSignedAttribute == null)
{
if (!isCounterSignature && signedAttributeSet != null)
{
throw new CmsException("The content-type attribute type MUST be present whenever signed attributes are present in signed-data");
}
}
else
{
if (isCounterSignature)
{
throw new CmsException("[For counter signatures,] the signedAttributes field MUST NOT contain a content-type attribute");
}
if (!(singleValuedSignedAttribute is DerObjectIdentifier))
{
throw new CmsException("content-type attribute value not of ASN.1 type 'OBJECT IDENTIFIER'");
}
DerObjectIdentifier derObjectIdentifier = (DerObjectIdentifier)singleValuedSignedAttribute;
if (!derObjectIdentifier.Equals(contentType))
{
throw new CmsException("content-type attribute value does not match eContentType");
}
}
Asn1Object singleValuedSignedAttribute2 = GetSingleValuedSignedAttribute(CmsAttributes.MessageDigest, "message-digest");
if (singleValuedSignedAttribute2 == null)
{
if (signedAttributeSet != null)
{
throw new CmsException("the message-digest signed attribute type MUST be present when there are any signed attributes present");
}
}
else
{
if (!(singleValuedSignedAttribute2 is Asn1OctetString))
{
throw new CmsException("message-digest attribute value not of ASN.1 type 'OCTET STRING'");
}
Asn1OctetString asn1OctetString = (Asn1OctetString)singleValuedSignedAttribute2;
if (!Arrays.AreEqual(resultDigest, asn1OctetString.GetOctets()))
{
throw new CmsException("message-digest attribute value does not match calculated value");
}
}
Org.BouncyCastle.Asn1.Cms.AttributeTable signedAttributes = SignedAttributes;
if (signedAttributes != null && signedAttributes.GetAll(CmsAttributes.CounterSignature).Count > 0)
{
throw new CmsException("A countersignature attribute MUST NOT be a signed attribute");
}
Org.BouncyCastle.Asn1.Cms.AttributeTable unsignedAttributes = UnsignedAttributes;
if (unsignedAttributes != null)
{
{
global::System.Collections.IEnumerator enumerator = unsignedAttributes.GetAll(CmsAttributes.CounterSignature).GetEnumerator();
try
{
while (enumerator.MoveNext())
{
Attribute attribute = (Attribute)enumerator.get_Current();
if (attribute.AttrValues.Count < 1)
{
throw new CmsException("A countersignature attribute MUST contain at least one AttributeValue");
}
}
}
finally
{
global::System.IDisposable disposable = enumerator as global::System.IDisposable;
if (disposable != null)
{
disposable.Dispose();
}
}
}
}
try
{
signer.Init(forSigning: false, key);
if (signedAttributeSet == null)
{
if (digestCalculator != null)
{
return(VerifyDigest(resultDigest, key, GetSignature()));
}
if (content != null)
{
content.Write((Stream)(object)new SigOutputStream(signer));
}
}
else
{
byte[] encodedSignedAttributes = GetEncodedSignedAttributes();
signer.BlockUpdate(encodedSignedAttributes, 0, encodedSignedAttributes.Length);
}
return(signer.VerifySignature(GetSignature()));
}
catch (InvalidKeyException e3)
{
throw new CmsException("key not appropriate to signature in message.", e3);
}
catch (IOException val2)
{
IOException e4 = val2;
throw new CmsException("can't process mime object to create signature.", (global::System.Exception)(object) e4);
}
catch (SignatureException ex)
{
throw new CmsException("invalid signature format in message: " + ((global::System.Exception)ex).get_Message(), ex);
}
}
public static ISigner GetSigner(string algorithm)
{
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
algorithm = Platform.StringToUpper(algorithm);
var mechanism = (string)algorithms[algorithm] ?? algorithm;
if (mechanism.Equals("RSA"))
{
return(new RsaDigestSigner(new NullDigest()));
}
if (mechanism.Equals("MD2withRSA"))
{
return(new RsaDigestSigner(new MD2Digest()));
}
if (mechanism.Equals("MD4withRSA"))
{
return(new RsaDigestSigner(new MD4Digest()));
}
if (mechanism.Equals("MD5withRSA"))
{
return(new RsaDigestSigner(new MD5Digest()));
}
if (mechanism.Equals("SHA-1withRSA"))
{
return(new RsaDigestSigner(new Sha1Digest()));
}
if (mechanism.Equals("SHA-224withRSA"))
{
return(new RsaDigestSigner(new Sha224Digest()));
}
if (mechanism.Equals("SHA-256withRSA"))
{
return(new RsaDigestSigner(new Sha256Digest()));
}
if (mechanism.Equals("SHA-384withRSA"))
{
return(new RsaDigestSigner(new Sha384Digest()));
}
if (mechanism.Equals("SHA-512withRSA"))
{
return(new RsaDigestSigner(new Sha512Digest()));
}
if (mechanism.Equals("RIPEMD128withRSA"))
{
return(new RsaDigestSigner(new RipeMD128Digest()));
}
if (mechanism.Equals("RIPEMD160withRSA"))
{
return(new RsaDigestSigner(new RipeMD160Digest()));
}
if (mechanism.Equals("RIPEMD256withRSA"))
{
return(new RsaDigestSigner(new RipeMD256Digest()));
}
if (mechanism.Equals("RAWRSASSA-PSS"))
{
// TODO Add support for other parameter settings
return(PssSigner.CreateRawSigner(new RsaBlindedEngine(), new Sha1Digest()));
}
if (mechanism.Equals("PSSwithRSA"))
{
// TODO The Sha1Digest here is a default. In JCE version, the actual digest
// to be used can be overridden by subsequent parameter settings.
return(new PssSigner(new RsaBlindedEngine(), new Sha1Digest()));
}
if (mechanism.Equals("SHA-1withRSAandMGF1"))
{
return(new PssSigner(new RsaBlindedEngine(), new Sha1Digest()));
}
if (mechanism.Equals("SHA-224withRSAandMGF1"))
{
return(new PssSigner(new RsaBlindedEngine(), new Sha224Digest()));
}
if (mechanism.Equals("SHA-256withRSAandMGF1"))
{
return(new PssSigner(new RsaBlindedEngine(), new Sha256Digest()));
}
if (mechanism.Equals("SHA-384withRSAandMGF1"))
{
return(new PssSigner(new RsaBlindedEngine(), new Sha384Digest()));
}
if (mechanism.Equals("SHA-512withRSAandMGF1"))
{
return(new PssSigner(new RsaBlindedEngine(), new Sha512Digest()));
}
if (mechanism.Equals("NONEwithDSA"))
{
return(new DsaDigestSigner(new DsaSigner(), new NullDigest()));
}
if (mechanism.Equals("SHA-1withDSA"))
{
return(new DsaDigestSigner(new DsaSigner(), new Sha1Digest()));
}
if (mechanism.Equals("SHA-224withDSA"))
{
return(new DsaDigestSigner(new DsaSigner(), new Sha224Digest()));
}
if (mechanism.Equals("SHA-256withDSA"))
{
return(new DsaDigestSigner(new DsaSigner(), new Sha256Digest()));
}
if (mechanism.Equals("SHA-384withDSA"))
{
return(new DsaDigestSigner(new DsaSigner(), new Sha384Digest()));
}
if (mechanism.Equals("SHA-512withDSA"))
{
return(new DsaDigestSigner(new DsaSigner(), new Sha512Digest()));
}
if (mechanism.Equals("NONEwithECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new NullDigest()));
}
if (mechanism.Equals("SHA-1withECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new Sha1Digest()));
}
if (mechanism.Equals("SHA-224withECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new Sha224Digest()));
}
if (mechanism.Equals("SHA-256withECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new Sha256Digest()));
}
if (mechanism.Equals("SHA-384withECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new Sha384Digest()));
}
if (mechanism.Equals("SHA-512withECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new Sha512Digest()));
}
if (mechanism.Equals("RIPEMD160withECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new RipeMD160Digest()));
}
if (mechanism.Equals("SHA1WITHECNR"))
{
return(new DsaDigestSigner(new ECNRSigner(), new Sha1Digest()));
}
if (mechanism.Equals("SHA224WITHECNR"))
{
return(new DsaDigestSigner(new ECNRSigner(), new Sha224Digest()));
}
if (mechanism.Equals("SHA256WITHECNR"))
{
return(new DsaDigestSigner(new ECNRSigner(), new Sha256Digest()));
}
if (mechanism.Equals("SHA384WITHECNR"))
{
return(new DsaDigestSigner(new ECNRSigner(), new Sha384Digest()));
}
if (mechanism.Equals("SHA512WITHECNR"))
{
return(new DsaDigestSigner(new ECNRSigner(), new Sha512Digest()));
}
if (mechanism.Equals("GOST3410"))
{
return(new Gost3410DigestSigner(new Gost3410Signer(), new Gost3411Digest()));
}
if (mechanism.Equals("ECGOST3410"))
{
return(new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411Digest()));
}
if (mechanism.Equals("SHA1WITHRSA/ISO9796-2"))
{
return(new Iso9796d2Signer(new RsaBlindedEngine(), new Sha1Digest(), true));
}
if (mechanism.Equals("MD5WITHRSA/ISO9796-2"))
{
return(new Iso9796d2Signer(new RsaBlindedEngine(), new MD5Digest(), true));
}
if (mechanism.Equals("RIPEMD160WITHRSA/ISO9796-2"))
{
return(new Iso9796d2Signer(new RsaBlindedEngine(), new RipeMD160Digest(), true));
}
throw new SecurityUtilityException("Signer " + algorithm + " not recognised.");
}
public override void PerformTest()
{
doTestSig(1, pub1, prv1, slt1a, msg1a, sig1a);
doTestSig(2, pub1, prv1, slt1b, msg1b, sig1b);
doTestSig(3, pub2, prv2, slt2a, msg2a, sig2a);
doTestSig(4, pub2, prv2, slt2b, msg2b, sig2b);
doTestSig(5, pub4, prv4, slt4a, msg4a, sig4a);
doTestSig(6, pub4, prv4, slt4b, msg4b, sig4b);
doTestSig(7, pub8, prv8, slt8a, msg8a, sig8a);
doTestSig(8, pub8, prv8, slt8b, msg8b, sig8b);
doTestSig(9, pub9, prv9, slt9a, msg9a, sig9a);
doTestSig(10, pub9, prv9, slt9b, msg9b, sig9b);
//
// loop test - sha-1 only
//
PssSigner eng = new PssSigner(new RsaEngine(), new Sha1Digest(), 20);
int failed = 0;
byte[] data = new byte[DataLength];
SecureRandom random = new SecureRandom();
random.NextBytes(data);
for (int j = 0; j < NumTests; j++)
{
eng.Init(true, new ParametersWithRandom(prv8, random));
eng.BlockUpdate(data, 0, data.Length);
byte[] s = eng.GenerateSignature();
eng.Init(false, pub8);
eng.BlockUpdate(data, 0, data.Length);
if (!eng.VerifySignature(s))
{
failed++;
}
}
if (failed != 0)
{
Fail("loop test failed - failures: " + failed);
}
//
// loop test - sha-256 and sha-1
//
eng = new PssSigner(new RsaEngine(), new Sha256Digest(), new Sha1Digest(), 20);
failed = 0;
data = new byte[DataLength];
random.NextBytes(data);
for (int j = 0; j < NumTests; j++)
{
eng.Init(true, new ParametersWithRandom(prv8, random));
eng.BlockUpdate(data, 0, data.Length);
byte[] s = eng.GenerateSignature();
eng.Init(false, pub8);
eng.BlockUpdate(data, 0, data.Length);
if (!eng.VerifySignature(s))
{
failed++;
}
}
if (failed != 0)
{
Fail("loop test failed - failures: " + failed);
}
}
public bool Validate(OneKey signerKey)
{
CBORObject alg; // Get the set algorithm or infer one
byte[] bytesToBeSigned = toBeSigned();
alg = FindAttribute(HeaderKeys.Algorithm);
if (alg == null)
{
throw new CoseException("No algorithm specified");
}
IDigest digest = null;
IDigest digest2 = null;
if (alg.Type == CBORType.TextString)
{
switch (alg.AsString())
{
case "ES384":
case "PS384":
digest = new Sha384Digest();
digest2 = new Sha384Digest();
break;
default:
throw new CoseException("Unknown signature algorithm");
}
}
else if (alg.Type == CBORType.Integer)
{
switch ((AlgorithmValuesInt)alg.AsInt32())
{
case AlgorithmValuesInt.ECDSA_256:
case AlgorithmValuesInt.RSA_PSS_256:
digest = new Sha256Digest();
digest2 = new Sha256Digest();
break;
case AlgorithmValuesInt.ECDSA_384:
case AlgorithmValuesInt.RSA_PSS_384:
digest = new Sha384Digest();
digest2 = new Sha384Digest();
break;
case AlgorithmValuesInt.ECDSA_512:
case AlgorithmValuesInt.RSA_PSS_512:
digest = new Sha512Digest();
digest2 = new Sha512Digest();
break;
case AlgorithmValuesInt.EdDSA:
break;
case AlgorithmValuesInt.HSS_LMS:
break;
default:
throw new CoseException("Unknown signature algorithm");
}
}
else
{
throw new CoseException("Algorthm incorrectly encoded");
}
if (alg.Type == CBORType.TextString)
{
switch (alg.AsString())
{
default:
throw new CoseException("Unknown Algorithm");
}
}
else if (alg.Type == CBORType.Integer)
{
switch ((AlgorithmValuesInt)alg.AsInt32())
{
case AlgorithmValuesInt.RSA_PSS_256:
case AlgorithmValuesInt.RSA_PSS_384:
case AlgorithmValuesInt.RSA_PSS_512: {
PssSigner signer = new PssSigner(new RsaEngine(), digest, digest2, digest.GetByteLength());
RsaKeyParameters prv = new RsaPrivateCrtKeyParameters(signerKey.AsBigInteger(CoseKeyParameterKeys.RSA_n), signerKey.AsBigInteger(CoseKeyParameterKeys.RSA_e), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_d), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_p), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_q), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_dP), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_dQ), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_qInv));
ParametersWithRandom param = new ParametersWithRandom(prv, GetPRNG());
signer.Init(false, param);
signer.BlockUpdate(bytesToBeSigned, 0, bytesToBeSigned.Length);
return(signer.VerifySignature(_rgbSignature));
}
case AlgorithmValuesInt.ECDSA_256:
case AlgorithmValuesInt.ECDSA_384:
case AlgorithmValuesInt.ECDSA_512: {
digest.BlockUpdate(bytesToBeSigned, 0, bytesToBeSigned.Length);
byte[] digestedMessage = new byte[digest.GetDigestSize()];
digest.DoFinal(digestedMessage, 0);
X9ECParameters p = signerKey.GetCurve();
ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
ECPoint point = signerKey.GetPoint();
ECPublicKeyParameters param = new ECPublicKeyParameters(point, parameters);
ECDsaSigner ecdsa = new ECDsaSigner();
ecdsa.Init(false, param);
BigInteger r = new BigInteger(1, _rgbSignature, 0, _rgbSignature.Length / 2);
BigInteger s = new BigInteger(1, _rgbSignature, _rgbSignature.Length / 2, _rgbSignature.Length / 2);
return(ecdsa.VerifySignature(digestedMessage, r, s));
}
#if true
case AlgorithmValuesInt.EdDSA: {
ISigner eddsa;
if (signerKey[CoseKeyParameterKeys.EC_Curve].Equals(GeneralValues.Ed25519))
{
Ed25519PublicKeyParameters privKey =
new Ed25519PublicKeyParameters(signerKey[CoseKeyParameterKeys.OKP_X].GetByteString(), 0);
eddsa = new Ed25519Signer();
eddsa.Init(false, privKey);
}
else if (signerKey[CoseKeyParameterKeys.EC_Curve].Equals(GeneralValues.Ed448))
{
Ed448PublicKeyParameters privKey =
new Ed448PublicKeyParameters(signerKey[CoseKeyParameterKeys.OKP_X].GetByteString(), 0);
eddsa = new Ed448Signer(new byte[0]);
eddsa.Init(false, privKey);
}
else
{
throw new CoseException("Unrecognized curve");
}
eddsa.BlockUpdate(bytesToBeSigned, 0, bytesToBeSigned.Length);
return(eddsa.VerifySignature(_rgbSignature));
}
#endif
case AlgorithmValuesInt.HSS_LMS:
return(HashSig.Validate(bytesToBeSigned,
signerKey[CoseKeyParameterKeys.Lms_Public].GetByteString(),
_rgbSignature));
default:
throw new CoseException("Unknown Algorithm");
}
}
else
{
throw new CoseException("Algorithm incorrectly encoded");
}
}
private byte[] _Sign(byte[] bytesToBeSigned)
{
CBORObject alg; // Get the set algorithm or infer one
if (rgbContent == null)
{
throw new CoseException("No Content Specified");
}
alg = FindAttribute(HeaderKeys.Algorithm);
if (alg == null)
{
if (_keyToSign[CoseKeyKeys.KeyType].Type == CBORType.Integer)
{
switch ((GeneralValuesInt)_keyToSign[CoseKeyKeys.KeyType].AsInt32())
{
case GeneralValuesInt.KeyType_RSA:
alg = AlgorithmValues.RSA_PSS_256;
break;
case GeneralValuesInt.KeyType_EC2:
if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Type == CBORType.Integer)
{
switch ((GeneralValuesInt)_keyToSign[CoseKeyParameterKeys.EC_Curve].AsInt32())
{
case GeneralValuesInt.P256:
alg = AlgorithmValues.ECDSA_256;
break;
case GeneralValuesInt.P521:
alg = AlgorithmValues.ECDSA_512;
break;
default:
throw new CoseException("Unknown curve");
}
}
else if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Type == CBORType.TextString)
{
switch (_keyToSign[CoseKeyParameterKeys.EC_Curve].AsString())
{
case "P-384":
alg = CBORObject.FromObject("ES384");
break;
default:
throw new CoseException("Unknown curve");
}
}
else
{
throw new CoseException("Curve is incorrectly encoded");
}
break;
case GeneralValuesInt.KeyType_OKP:
if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Type == CBORType.Integer)
{
switch ((GeneralValuesInt)_keyToSign[CoseKeyParameterKeys.EC_Curve].AsInt32())
{
case GeneralValuesInt.Ed25519:
alg = AlgorithmValues.EdDSA;
break;
case GeneralValuesInt.Ed448:
alg = AlgorithmValues.EdDSA;
break;
default:
throw new CoseException("Unknown curve");
}
}
else if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Type == CBORType.TextString)
{
switch (_keyToSign[CoseKeyParameterKeys.EC_Curve].AsString())
{
default:
throw new CoseException("Unknown curve");
}
}
else
{
throw new CoseException("Curve is incorrectly encoded");
}
break;
default:
throw new CoseException("Unknown or unsupported key type " + _keyToSign.AsString("kty"));
}
}
else if (_keyToSign[CoseKeyKeys.KeyType].Type == CBORType.TextString)
{
throw new CoseException("Unknown or unsupported key type " + _keyToSign[CoseKeyKeys.KeyType].AsString());
}
else
{
throw new CoseException("Key type is not correctly encoded");
}
UnprotectedMap.Add(HeaderKeys.Algorithm, alg);
}
IDigest digest = null;
IDigest digest2 = null;
if (alg.Type == CBORType.TextString)
{
switch (alg.AsString())
{
case "ES384":
case "PS384":
digest = new Sha384Digest();
digest2 = new Sha384Digest();
break;
default:
throw new CoseException("Unknown Algorithm Specified");
}
}
else if (alg.Type == CBORType.Integer)
{
switch ((AlgorithmValuesInt)alg.AsInt32())
{
case AlgorithmValuesInt.ECDSA_256:
case AlgorithmValuesInt.RSA_PSS_256:
digest = new Sha256Digest();
digest2 = new Sha256Digest();
break;
case AlgorithmValuesInt.ECDSA_384:
case AlgorithmValuesInt.RSA_PSS_384:
digest = new Sha384Digest();
digest2 = new Sha384Digest();
break;
case AlgorithmValuesInt.ECDSA_512:
case AlgorithmValuesInt.RSA_PSS_512:
digest = new Sha512Digest();
digest2 = new Sha512Digest();
break;
case AlgorithmValuesInt.EdDSA:
break;
case AlgorithmValuesInt.HSS_LMS:
break;
default:
throw new CoseException("Unknown Algorithm Specified");
}
}
else
{
throw new CoseException("Algorithm incorrectly encoded");
}
if (alg.Type == CBORType.TextString)
{
switch (alg.AsString())
{
default:
throw new CoseException("Unknown Algorithm Specified");
}
}
else if (alg.Type == CBORType.Integer)
{
switch ((AlgorithmValuesInt)alg.AsInt32())
{
case AlgorithmValuesInt.RSA_PSS_256:
case AlgorithmValuesInt.RSA_PSS_384:
case AlgorithmValuesInt.RSA_PSS_512: {
PssSigner signer = new PssSigner(new RsaEngine(), digest, digest2, digest.GetByteLength());
RsaKeyParameters prv = new RsaPrivateCrtKeyParameters(
_keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_n),
_keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_e),
_keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_d),
_keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_p),
_keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_q),
_keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_dP),
_keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_dQ),
_keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_qInv));
ParametersWithRandom param = new ParametersWithRandom(prv, GetPRNG());
signer.Init(true, param);
signer.BlockUpdate(bytesToBeSigned, 0, bytesToBeSigned.Length);
return(signer.GenerateSignature());
}
case AlgorithmValuesInt.ECDSA_256:
case AlgorithmValuesInt.ECDSA_384:
case AlgorithmValuesInt.ECDSA_512: {
CBORObject privateKeyD = _keyToSign[CoseKeyParameterKeys.EC_D];
if (privateKeyD == null)
{
throw new CoseException("Private key required to sign");
}
SecureRandom random = GetPRNG();
digest.BlockUpdate(bytesToBeSigned, 0, bytesToBeSigned.Length);
byte[] digestedMessage = new byte[digest.GetDigestSize()];
digest.DoFinal(digestedMessage, 0);
X9ECParameters p = _keyToSign.GetCurve();
ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
ECPrivateKeyParameters privKey =
new ECPrivateKeyParameters("ECDSA", ConvertBigNum(privateKeyD), parameters);
ParametersWithRandom param = new ParametersWithRandom(privKey, random);
ECDsaSigner ecdsa = new ECDsaSigner(new HMacDsaKCalculator(new Sha256Digest()));
ecdsa.Init(true, param);
BigInteger[] sigLms = ecdsa.GenerateSignature(digestedMessage);
byte[] r = sigLms[0].ToByteArrayUnsigned();
byte[] s = sigLms[1].ToByteArrayUnsigned();
int cbR = (p.Curve.FieldSize + 7) / 8;
byte[] sigs = new byte[cbR * 2];
Array.Copy(r, 0, sigs, cbR - r.Length, r.Length);
Array.Copy(s, 0, sigs, cbR + cbR - s.Length, s.Length);
return(sigs);
}
#if true
case AlgorithmValuesInt.EdDSA: {
ISigner eddsa;
if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Equals(GeneralValues.Ed25519))
{
Ed25519PrivateKeyParameters privKey =
new Ed25519PrivateKeyParameters(_keyToSign[CoseKeyParameterKeys.OKP_D].GetByteString(), 0);
eddsa = new Ed25519Signer();
eddsa.Init(true, privKey);
}
else if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Equals(GeneralValues.Ed448))
{
Ed448PrivateKeyParameters privKey =
new Ed448PrivateKeyParameters(_keyToSign[CoseKeyParameterKeys.OKP_D].GetByteString(), 0);
eddsa = new Ed448Signer(new byte[0]);
eddsa.Init(true, privKey);
}
else
{
throw new CoseException("Unrecognized curve");
}
eddsa.BlockUpdate(bytesToBeSigned, 0, bytesToBeSigned.Length);
return(eddsa.GenerateSignature());
}
#endif
case AlgorithmValuesInt.HSS_LMS:
HashSig sig = new HashSig(_keyToSign[CoseKeyParameterKeys.Lms_Private].AsString());
byte[] signBytes = sig.Sign(bytesToBeSigned);
_keyToSign.Replace(CoseKeyParameterKeys.Lms_Private, CBORObject.FromObject(sig.PrivateKey));
return(signBytes);
default:
throw new CoseException("Unknown Algorithm Specified");
}
}
else
{
throw new CoseException("Algorithm incorrectly encoded");
}
}
public static ISigner GetSigner(
string algorithm)
{
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
algorithm = Platform.ToUpperInvariant(algorithm);
string mechanism = (string)algorithms[algorithm];
if (mechanism == null)
{
mechanism = algorithm;
}
if (Platform.StartsWith(mechanism, "Ed"))
{
if (mechanism.Equals("Ed25519"))
{
return(new Ed25519Signer());
}
if (mechanism.Equals("Ed25519ctx"))
{
return(new Ed25519ctxSigner(Arrays.EmptyBytes));
}
if (mechanism.Equals("Ed25519ph"))
{
return(new Ed25519phSigner(Arrays.EmptyBytes));
}
if (mechanism.Equals("Ed448"))
{
return(new Ed448Signer(Arrays.EmptyBytes));
}
if (mechanism.Equals("Ed448ph"))
{
return(new Ed448phSigner(Arrays.EmptyBytes));
}
}
if (mechanism.Equals("RSA"))
{
return(new RsaDigestSigner(new NullDigest(), (AlgorithmIdentifier)null));
}
if (mechanism.Equals("RAWRSASSA-PSS"))
{
// TODO Add support for other parameter settings
return(PssSigner.CreateRawSigner(new RsaBlindedEngine(), new Sha1Digest()));
}
if (mechanism.Equals("PSSwithRSA"))
{
// TODO The Sha1Digest here is a default. In JCE version, the actual digest
// to be used can be overridden by subsequent parameter settings.
return(new PssSigner(new RsaBlindedEngine(), new Sha1Digest()));
}
if (Platform.EndsWith(mechanism, "withRSA"))
{
string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with"));
IDigest digest = DigestUtilities.GetDigest(digestName);
return(new RsaDigestSigner(digest));
}
if (Platform.EndsWith(mechanism, "withRSAandMGF1"))
{
string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with"));
IDigest digest = DigestUtilities.GetDigest(digestName);
return(new PssSigner(new RsaBlindedEngine(), digest));
}
if (Platform.EndsWith(mechanism, "withDSA"))
{
string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with"));
IDigest digest = DigestUtilities.GetDigest(digestName);
return(new DsaDigestSigner(new DsaSigner(), digest));
}
if (Platform.EndsWith(mechanism, "withECDSA"))
{
string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with"));
IDigest digest = DigestUtilities.GetDigest(digestName);
return(new DsaDigestSigner(new ECDsaSigner(), digest));
}
if (Platform.EndsWith(mechanism, "withCVC-ECDSA") ||
Platform.EndsWith(mechanism, "withPLAIN-ECDSA"))
{
string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with"));
IDigest digest = DigestUtilities.GetDigest(digestName);
return(new DsaDigestSigner(new ECDsaSigner(), digest, PlainDsaEncoding.Instance));
}
if (Platform.EndsWith(mechanism, "withECNR"))
{
string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with"));
IDigest digest = DigestUtilities.GetDigest(digestName);
return(new DsaDigestSigner(new ECNRSigner(), digest));
}
if (Platform.EndsWith(mechanism, "withSM2"))
{
string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with"));
IDigest digest = DigestUtilities.GetDigest(digestName);
return(new SM2Signer(digest));
}
if (mechanism.Equals("GOST3410") || mechanism.Equals("GOST3411WITHGOST3410"))
{
return(new Gost3410DigestSigner(new Gost3410Signer(), new Gost3411Digest()));
}
if (mechanism.Equals("ECGOST3410") || mechanism.Equals("GOST3411WITHECGOST3410"))
{
return(new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411Digest()));
}
if (mechanism.Equals("GOST3411_2012_256WITHECGOST3410"))
{
return(new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411_2012_256Digest()));
}
if (mechanism.Equals("GOST3411_2012_512WITHECGOST3410"))
{
return(new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411_2012_512Digest()));
}
if (mechanism.Equals("SHA1WITHRSA/ISO9796-2"))
{
return(new Iso9796d2Signer(new RsaBlindedEngine(), new Sha1Digest(), true));
}
if (mechanism.Equals("MD5WITHRSA/ISO9796-2"))
{
return(new Iso9796d2Signer(new RsaBlindedEngine(), new MD5Digest(), true));
}
if (mechanism.Equals("RIPEMD160WITHRSA/ISO9796-2"))
{
return(new Iso9796d2Signer(new RsaBlindedEngine(), new RipeMD160Digest(), true));
}
if (Platform.EndsWith(mechanism, "/X9.31"))
{
string x931 = mechanism.Substring(0, mechanism.Length - "/X9.31".Length);
int withPos = Platform.IndexOf(x931, "WITH");
if (withPos > 0)
{
int endPos = withPos + "WITH".Length;
string digestName = x931.Substring(0, withPos);
IDigest digest = DigestUtilities.GetDigest(digestName);
string cipherName = x931.Substring(endPos, x931.Length - endPos);
if (cipherName.Equals("RSA"))
{
IAsymmetricBlockCipher cipher = new RsaBlindedEngine();
return(new X931Signer(cipher, digest));
}
}
}
throw new SecurityUtilityException("Signer " + algorithm + " not recognised.");
}
public static ISigner GetSigner(string algorithm)
{
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
algorithm = Platform.ToUpperInvariant(algorithm);
string text = (string)SignerUtilities.algorithms[algorithm];
if (text == null)
{
text = algorithm;
}
if (text.Equals("RSA"))
{
return(new RsaDigestSigner(new NullDigest(), null));
}
if (text.Equals("MD2withRSA"))
{
return(new RsaDigestSigner(new MD2Digest()));
}
if (text.Equals("MD4withRSA"))
{
return(new RsaDigestSigner(new MD4Digest()));
}
if (text.Equals("MD5withRSA"))
{
return(new RsaDigestSigner(new MD5Digest()));
}
if (text.Equals("SHA-1withRSA"))
{
return(new RsaDigestSigner(new Sha1Digest()));
}
if (text.Equals("SHA-224withRSA"))
{
return(new RsaDigestSigner(new Sha224Digest()));
}
if (text.Equals("SHA-256withRSA"))
{
return(new RsaDigestSigner(new Sha256Digest()));
}
if (text.Equals("SHA-384withRSA"))
{
return(new RsaDigestSigner(new Sha384Digest()));
}
if (text.Equals("SHA-512withRSA"))
{
return(new RsaDigestSigner(new Sha512Digest()));
}
if (text.Equals("RIPEMD128withRSA"))
{
return(new RsaDigestSigner(new RipeMD128Digest()));
}
if (text.Equals("RIPEMD160withRSA"))
{
return(new RsaDigestSigner(new RipeMD160Digest()));
}
if (text.Equals("RIPEMD256withRSA"))
{
return(new RsaDigestSigner(new RipeMD256Digest()));
}
if (text.Equals("RAWRSASSA-PSS"))
{
return(PssSigner.CreateRawSigner(new RsaBlindedEngine(), new Sha1Digest()));
}
if (text.Equals("PSSwithRSA"))
{
return(new PssSigner(new RsaBlindedEngine(), new Sha1Digest()));
}
if (text.Equals("SHA-1withRSAandMGF1"))
{
return(new PssSigner(new RsaBlindedEngine(), new Sha1Digest()));
}
if (text.Equals("SHA-224withRSAandMGF1"))
{
return(new PssSigner(new RsaBlindedEngine(), new Sha224Digest()));
}
if (text.Equals("SHA-256withRSAandMGF1"))
{
return(new PssSigner(new RsaBlindedEngine(), new Sha256Digest()));
}
if (text.Equals("SHA-384withRSAandMGF1"))
{
return(new PssSigner(new RsaBlindedEngine(), new Sha384Digest()));
}
if (text.Equals("SHA-512withRSAandMGF1"))
{
return(new PssSigner(new RsaBlindedEngine(), new Sha512Digest()));
}
if (text.Equals("NONEwithDSA"))
{
return(new DsaDigestSigner(new DsaSigner(), new NullDigest()));
}
if (text.Equals("SHA-1withDSA"))
{
return(new DsaDigestSigner(new DsaSigner(), new Sha1Digest()));
}
if (text.Equals("SHA-224withDSA"))
{
return(new DsaDigestSigner(new DsaSigner(), new Sha224Digest()));
}
if (text.Equals("SHA-256withDSA"))
{
return(new DsaDigestSigner(new DsaSigner(), new Sha256Digest()));
}
if (text.Equals("SHA-384withDSA"))
{
return(new DsaDigestSigner(new DsaSigner(), new Sha384Digest()));
}
if (text.Equals("SHA-512withDSA"))
{
return(new DsaDigestSigner(new DsaSigner(), new Sha512Digest()));
}
if (text.Equals("NONEwithECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new NullDigest()));
}
if (text.Equals("SHA-1withECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new Sha1Digest()));
}
if (text.Equals("SHA-224withECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new Sha224Digest()));
}
if (text.Equals("SHA-256withECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new Sha256Digest()));
}
if (text.Equals("SHA-384withECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new Sha384Digest()));
}
if (text.Equals("SHA-512withECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new Sha512Digest()));
}
if (text.Equals("RIPEMD160withECDSA"))
{
return(new DsaDigestSigner(new ECDsaSigner(), new RipeMD160Digest()));
}
if (text.Equals("SHA1WITHECNR"))
{
return(new DsaDigestSigner(new ECNRSigner(), new Sha1Digest()));
}
if (text.Equals("SHA224WITHECNR"))
{
return(new DsaDigestSigner(new ECNRSigner(), new Sha224Digest()));
}
if (text.Equals("SHA256WITHECNR"))
{
return(new DsaDigestSigner(new ECNRSigner(), new Sha256Digest()));
}
if (text.Equals("SHA384WITHECNR"))
{
return(new DsaDigestSigner(new ECNRSigner(), new Sha384Digest()));
}
if (text.Equals("SHA512WITHECNR"))
{
return(new DsaDigestSigner(new ECNRSigner(), new Sha512Digest()));
}
if (text.Equals("GOST3410"))
{
return(new Gost3410DigestSigner(new Gost3410Signer(), new Gost3411Digest()));
}
if (text.Equals("ECGOST3410"))
{
return(new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411Digest()));
}
if (text.Equals("SHA1WITHRSA/ISO9796-2"))
{
return(new Iso9796d2Signer(new RsaBlindedEngine(), new Sha1Digest(), true));
}
if (text.Equals("MD5WITHRSA/ISO9796-2"))
{
return(new Iso9796d2Signer(new RsaBlindedEngine(), new MD5Digest(), true));
}
if (text.Equals("RIPEMD160WITHRSA/ISO9796-2"))
{
return(new Iso9796d2Signer(new RsaBlindedEngine(), new RipeMD160Digest(), true));
}
if (text.EndsWith("/X9.31"))
{
string text2 = text.Substring(0, text.Length - "/X9.31".Length);
int num = text2.IndexOf("WITH");
if (num > 0)
{
int num2 = num + "WITH".Length;
string algorithm2 = text2.Substring(0, num);
IDigest digest = DigestUtilities.GetDigest(algorithm2);
string text3 = text2.Substring(num2, text2.Length - num2);
if (text3.Equals("RSA"))
{
IAsymmetricBlockCipher cipher = new RsaBlindedEngine();
return(new X931Signer(cipher, digest));
}
}
}
throw new SecurityUtilityException("Signer " + algorithm + " not recognised.");
}
