private bool DoVerify( AsymmetricKeyParameter key) { string digestName = Helper.GetDigestAlgName(this.DigestAlgOid); IDigest digest = Helper.GetDigestInstance(digestName); DerObjectIdentifier sigAlgOid = this.encryptionAlgorithm.ObjectID; Asn1Encodable sigParams = this.encryptionAlgorithm.Parameters; ISigner sig; if (sigAlgOid.Equals(Asn1.Pkcs.PkcsObjectIdentifiers.IdRsassaPss)) { // RFC 4056 2.2 // When the id-RSASSA-PSS algorithm identifier is used for a signature, // the AlgorithmIdentifier parameters field MUST contain RSASSA-PSS-params. if (sigParams == null) { throw new CmsException("RSASSA-PSS signature must specify algorithm parameters"); } try { // TODO Provide abstract configuration mechanism // (via alternate SignerUtilities.GetSigner method taking ASN.1 params) Asn1.Pkcs.RsassaPssParameters pss = Asn1.Pkcs.RsassaPssParameters.GetInstance( sigParams.ToAsn1Object()); if (!pss.HashAlgorithm.ObjectID.Equals(this.digestAlgorithm.ObjectID)) { throw new CmsException("RSASSA-PSS signature parameters specified incorrect hash algorithm"); } if (!pss.MaskGenAlgorithm.ObjectID.Equals(Asn1.Pkcs.PkcsObjectIdentifiers.IdMgf1)) { throw new CmsException("RSASSA-PSS signature parameters specified unknown MGF"); } IDigest pssDigest = DigestUtilities.GetDigest(pss.HashAlgorithm.ObjectID); int saltLength = pss.SaltLength.Value.IntValue; byte trailerField = (byte)pss.TrailerField.Value.IntValue; // RFC 4055 3.1 // The value MUST be 1, which represents the trailer field with hexadecimal value 0xBC if (trailerField != 1) { throw new CmsException("RSASSA-PSS signature parameters must have trailerField of 1"); } sig = new PssSigner(new RsaBlindedEngine(), pssDigest, saltLength); } catch (Exception e) { throw new CmsException("failed to set RSASSA-PSS signature parameters", e); } } else { // TODO Probably too strong a check at the moment // if (sigParams != null) // throw new CmsException("unrecognised signature parameters provided"); string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(this.EncryptionAlgOid); sig = Helper.GetSignatureInstance(signatureName); } try { if (digestCalculator != null) { resultDigest = digestCalculator.GetDigest(); } else { if (content != null) { content.Write(new DigOutputStream(digest)); } else if (signedAttributeSet == null) { // TODO Get rid of this exception and just treat content==null as empty not missing? throw new CmsException("data not encapsulated in signature - use detached constructor."); } resultDigest = DigestUtilities.DoFinal(digest); } } catch (IOException e) { throw new CmsException("can't process mime object to create signature.", e); } // RFC 3852 11.1 Check the content-type attribute is correct { Asn1Object validContentType = GetSingleValuedSignedAttribute( CmsAttributes.ContentType, "content-type"); if (validContentType == null) { if (!isCounterSignature && signedAttributeSet != null) { throw new CmsException("The content-type attribute type MUST be present whenever signed attributes are present in signed-data"); } } else { if (isCounterSignature) { throw new CmsException("[For counter signatures,] the signedAttributes field MUST NOT contain a content-type attribute"); } if (!(validContentType is DerObjectIdentifier)) { throw new CmsException("content-type attribute value not of ASN.1 type 'OBJECT IDENTIFIER'"); } DerObjectIdentifier signedContentType = (DerObjectIdentifier)validContentType; if (!signedContentType.Equals(contentType)) { throw new CmsException("content-type attribute value does not match eContentType"); } } } // RFC 3852 11.2 Check the message-digest attribute is correct { Asn1Object validMessageDigest = GetSingleValuedSignedAttribute( CmsAttributes.MessageDigest, "message-digest"); if (validMessageDigest == null) { if (signedAttributeSet != null) { throw new CmsException("the message-digest signed attribute type MUST be present when there are any signed attributes present"); } } else { if (!(validMessageDigest is Asn1OctetString)) { throw new CmsException("message-digest attribute value not of ASN.1 type 'OCTET STRING'"); } Asn1OctetString signedMessageDigest = (Asn1OctetString)validMessageDigest; if (!Arrays.AreEqual(resultDigest, signedMessageDigest.GetOctets())) { throw new CmsException("message-digest attribute value does not match calculated value"); } } } // RFC 3852 11.4 Validate countersignature attribute(s) { Asn1.Cms.AttributeTable signedAttrTable = this.SignedAttributes; if (signedAttrTable != null && signedAttrTable.GetAll(CmsAttributes.CounterSignature).Count > 0) { throw new CmsException("A countersignature attribute MUST NOT be a signed attribute"); } Asn1.Cms.AttributeTable unsignedAttrTable = this.UnsignedAttributes; if (unsignedAttrTable != null) { foreach (Asn1.Cms.Attribute csAttr in unsignedAttrTable.GetAll(CmsAttributes.CounterSignature)) { if (csAttr.AttrValues.Count < 1) { throw new CmsException("A countersignature attribute MUST contain at least one AttributeValue"); } // Note: We don't recursively validate the countersignature value } } } try { sig.Init(false, key); if (signedAttributeSet == null) { if (digestCalculator != null) { // need to decrypt signature and check message bytes return(VerifyDigest(resultDigest, key, this.GetSignature())); } else if (content != null) { // TODO Use raw signature of the hash value instead content.Write(new SigOutputStream(sig)); } } else { byte[] tmp = this.GetEncodedSignedAttributes(); sig.BlockUpdate(tmp, 0, tmp.Length); } return(sig.VerifySignature(this.GetSignature())); } catch (InvalidKeyException e) { throw new CmsException("key not appropriate to signature in message.", e); } catch (IOException e) { throw new CmsException("can't process mime object to create signature.", e); } catch (SignatureException e) { throw new CmsException("invalid signature format in message: " + e.Message, e); } }
public static ISigner GetSigner( string algorithm) { if (algorithm == null) { throw new ArgumentNullException("algorithm"); } algorithm = Platform.ToUpperInvariant(algorithm); string mechanism = (string)algorithms[algorithm]; if (mechanism == null) { mechanism = algorithm; } if (mechanism.Equals("RSA")) { return(new RsaDigestSigner(new NullDigest(), (AlgorithmIdentifier)null)); } if (mechanism.Equals("MD2withRSA")) { return(new RsaDigestSigner(new MD2Digest())); } if (mechanism.Equals("MD4withRSA")) { return(new RsaDigestSigner(new MD4Digest())); } if (mechanism.Equals("MD5withRSA")) { return(new RsaDigestSigner(new MD5Digest())); } if (mechanism.Equals("SHA-1withRSA")) { return(new RsaDigestSigner(new Sha1Digest())); } if (mechanism.Equals("SHA-224withRSA")) { return(new RsaDigestSigner(new Sha224Digest())); } if (mechanism.Equals("SHA-256withRSA")) { return(new RsaDigestSigner(new Sha256Digest())); } if (mechanism.Equals("SHA-384withRSA")) { return(new RsaDigestSigner(new Sha384Digest())); } if (mechanism.Equals("SHA-512withRSA")) { return(new RsaDigestSigner(new Sha512Digest())); } if (mechanism.Equals("RIPEMD128withRSA")) { return(new RsaDigestSigner(new RipeMD128Digest())); } if (mechanism.Equals("RIPEMD160withRSA")) { return(new RsaDigestSigner(new RipeMD160Digest())); } if (mechanism.Equals("RIPEMD256withRSA")) { return(new RsaDigestSigner(new RipeMD256Digest())); } if (mechanism.Equals("RAWRSASSA-PSS")) { // TODO Add support for other parameter settings return(PssSigner.CreateRawSigner(new RsaBlindedEngine(), new Sha1Digest())); } if (mechanism.Equals("PSSwithRSA")) { // TODO The Sha1Digest here is a default. In JCE version, the actual digest // to be used can be overridden by subsequent parameter settings. return(new PssSigner(new RsaBlindedEngine(), new Sha1Digest())); } if (mechanism.Equals("SHA-1withRSAandMGF1")) { return(new PssSigner(new RsaBlindedEngine(), new Sha1Digest())); } if (mechanism.Equals("SHA-224withRSAandMGF1")) { return(new PssSigner(new RsaBlindedEngine(), new Sha224Digest())); } if (mechanism.Equals("SHA-256withRSAandMGF1")) { return(new PssSigner(new RsaBlindedEngine(), new Sha256Digest())); } if (mechanism.Equals("SHA-384withRSAandMGF1")) { return(new PssSigner(new RsaBlindedEngine(), new Sha384Digest())); } if (mechanism.Equals("SHA-512withRSAandMGF1")) { return(new PssSigner(new RsaBlindedEngine(), new Sha512Digest())); } if (mechanism.Equals("NONEwithDSA")) { return(new DsaDigestSigner(new DsaSigner(), new NullDigest())); } if (mechanism.Equals("SHA-1withDSA")) { return(new DsaDigestSigner(new DsaSigner(), new Sha1Digest())); } if (mechanism.Equals("SHA-224withDSA")) { return(new DsaDigestSigner(new DsaSigner(), new Sha224Digest())); } if (mechanism.Equals("SHA-256withDSA")) { return(new DsaDigestSigner(new DsaSigner(), new Sha256Digest())); } if (mechanism.Equals("SHA-384withDSA")) { return(new DsaDigestSigner(new DsaSigner(), new Sha384Digest())); } if (mechanism.Equals("SHA-512withDSA")) { return(new DsaDigestSigner(new DsaSigner(), new Sha512Digest())); } if (mechanism.Equals("NONEwithECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new NullDigest())); } if (mechanism.Equals("SHA-1withECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new Sha1Digest())); } if (mechanism.Equals("SHA-224withECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new Sha224Digest())); } if (mechanism.Equals("SHA-256withECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new Sha256Digest())); } if (mechanism.Equals("SHA-384withECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new Sha384Digest())); } if (mechanism.Equals("SHA-512withECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new Sha512Digest())); } if (mechanism.Equals("RIPEMD160withECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new RipeMD160Digest())); } if (mechanism.Equals("SHA1WITHECNR")) { return(new DsaDigestSigner(new ECNRSigner(), new Sha1Digest())); } if (mechanism.Equals("SHA224WITHECNR")) { return(new DsaDigestSigner(new ECNRSigner(), new Sha224Digest())); } if (mechanism.Equals("SHA256WITHECNR")) { return(new DsaDigestSigner(new ECNRSigner(), new Sha256Digest())); } if (mechanism.Equals("SHA384WITHECNR")) { return(new DsaDigestSigner(new ECNRSigner(), new Sha384Digest())); } if (mechanism.Equals("SHA512WITHECNR")) { return(new DsaDigestSigner(new ECNRSigner(), new Sha512Digest())); } if (mechanism.Equals("GOST3410")) { return(new Gost3410DigestSigner(new Gost3410Signer(), new Gost3411Digest())); } if (mechanism.Equals("ECGOST3410")) { return(new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411Digest())); } if (mechanism.Equals("SHA1WITHRSA/ISO9796-2")) { return(new Iso9796d2Signer(new RsaBlindedEngine(), new Sha1Digest(), true)); } if (mechanism.Equals("MD5WITHRSA/ISO9796-2")) { return(new Iso9796d2Signer(new RsaBlindedEngine(), new MD5Digest(), true)); } if (mechanism.Equals("RIPEMD160WITHRSA/ISO9796-2")) { return(new Iso9796d2Signer(new RsaBlindedEngine(), new RipeMD160Digest(), true)); } if (mechanism.EndsWith("/X9.31")) { string x931 = mechanism.Substring(0, mechanism.Length - "/X9.31".Length); int withPos = x931.IndexOf("WITH"); if (withPos > 0) { int endPos = withPos + "WITH".Length; string digestName = x931.Substring(0, withPos); IDigest digest = DigestUtilities.GetDigest(digestName); string cipherName = x931.Substring(endPos, x931.Length - endPos); if (cipherName.Equals("RSA")) { IAsymmetricBlockCipher cipher = new RsaBlindedEngine(); return(new X931Signer(cipher, digest)); } } } throw new SecurityUtilityException("Signer " + algorithm + " not recognised."); }
private bool DoVerify(AsymmetricKeyParameter key) { //IL_019b: Expected O, but got Unknown //IL_03a0: Expected O, but got Unknown string digestAlgName = Helper.GetDigestAlgName(DigestAlgOid); IDigest digestInstance = Helper.GetDigestInstance(digestAlgName); DerObjectIdentifier algorithm = encryptionAlgorithm.Algorithm; Asn1Encodable parameters = encryptionAlgorithm.Parameters; ISigner signer; if (algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss)) { if (parameters == null) { throw new CmsException("RSASSA-PSS signature must specify algorithm parameters"); } try { RsassaPssParameters instance = RsassaPssParameters.GetInstance(parameters.ToAsn1Object()); if (!instance.HashAlgorithm.Algorithm.Equals(digestAlgorithm.Algorithm)) { throw new CmsException("RSASSA-PSS signature parameters specified incorrect hash algorithm"); } if (!instance.MaskGenAlgorithm.Algorithm.Equals(PkcsObjectIdentifiers.IdMgf1)) { throw new CmsException("RSASSA-PSS signature parameters specified unknown MGF"); } IDigest digest = DigestUtilities.GetDigest(instance.HashAlgorithm.Algorithm); int intValue = instance.SaltLength.Value.IntValue; byte b = (byte)instance.TrailerField.Value.IntValue; if (b != 1) { throw new CmsException("RSASSA-PSS signature parameters must have trailerField of 1"); } signer = new PssSigner(new RsaBlindedEngine(), digest, intValue); } catch (global::System.Exception e) { throw new CmsException("failed to set RSASSA-PSS signature parameters", e); } } else { string algorithm2 = digestAlgName + "with" + Helper.GetEncryptionAlgName(EncryptionAlgOid); signer = Helper.GetSignatureInstance(algorithm2); } try { if (digestCalculator != null) { resultDigest = digestCalculator.GetDigest(); } else { if (content != null) { content.Write((Stream)(object)new DigOutputStream(digestInstance)); } else if (signedAttributeSet == null) { throw new CmsException("data not encapsulated in signature - use detached constructor."); } resultDigest = DigestUtilities.DoFinal(digestInstance); } } catch (IOException val) { IOException e2 = val; throw new CmsException("can't process mime object to create signature.", (global::System.Exception)(object) e2); } Asn1Object singleValuedSignedAttribute = GetSingleValuedSignedAttribute(CmsAttributes.ContentType, "content-type"); if (singleValuedSignedAttribute == null) { if (!isCounterSignature && signedAttributeSet != null) { throw new CmsException("The content-type attribute type MUST be present whenever signed attributes are present in signed-data"); } } else { if (isCounterSignature) { throw new CmsException("[For counter signatures,] the signedAttributes field MUST NOT contain a content-type attribute"); } if (!(singleValuedSignedAttribute is DerObjectIdentifier)) { throw new CmsException("content-type attribute value not of ASN.1 type 'OBJECT IDENTIFIER'"); } DerObjectIdentifier derObjectIdentifier = (DerObjectIdentifier)singleValuedSignedAttribute; if (!derObjectIdentifier.Equals(contentType)) { throw new CmsException("content-type attribute value does not match eContentType"); } } Asn1Object singleValuedSignedAttribute2 = GetSingleValuedSignedAttribute(CmsAttributes.MessageDigest, "message-digest"); if (singleValuedSignedAttribute2 == null) { if (signedAttributeSet != null) { throw new CmsException("the message-digest signed attribute type MUST be present when there are any signed attributes present"); } } else { if (!(singleValuedSignedAttribute2 is Asn1OctetString)) { throw new CmsException("message-digest attribute value not of ASN.1 type 'OCTET STRING'"); } Asn1OctetString asn1OctetString = (Asn1OctetString)singleValuedSignedAttribute2; if (!Arrays.AreEqual(resultDigest, asn1OctetString.GetOctets())) { throw new CmsException("message-digest attribute value does not match calculated value"); } } Org.BouncyCastle.Asn1.Cms.AttributeTable signedAttributes = SignedAttributes; if (signedAttributes != null && signedAttributes.GetAll(CmsAttributes.CounterSignature).Count > 0) { throw new CmsException("A countersignature attribute MUST NOT be a signed attribute"); } Org.BouncyCastle.Asn1.Cms.AttributeTable unsignedAttributes = UnsignedAttributes; if (unsignedAttributes != null) { { global::System.Collections.IEnumerator enumerator = unsignedAttributes.GetAll(CmsAttributes.CounterSignature).GetEnumerator(); try { while (enumerator.MoveNext()) { Attribute attribute = (Attribute)enumerator.get_Current(); if (attribute.AttrValues.Count < 1) { throw new CmsException("A countersignature attribute MUST contain at least one AttributeValue"); } } } finally { global::System.IDisposable disposable = enumerator as global::System.IDisposable; if (disposable != null) { disposable.Dispose(); } } } } try { signer.Init(forSigning: false, key); if (signedAttributeSet == null) { if (digestCalculator != null) { return(VerifyDigest(resultDigest, key, GetSignature())); } if (content != null) { content.Write((Stream)(object)new SigOutputStream(signer)); } } else { byte[] encodedSignedAttributes = GetEncodedSignedAttributes(); signer.BlockUpdate(encodedSignedAttributes, 0, encodedSignedAttributes.Length); } return(signer.VerifySignature(GetSignature())); } catch (InvalidKeyException e3) { throw new CmsException("key not appropriate to signature in message.", e3); } catch (IOException val2) { IOException e4 = val2; throw new CmsException("can't process mime object to create signature.", (global::System.Exception)(object) e4); } catch (SignatureException ex) { throw new CmsException("invalid signature format in message: " + ((global::System.Exception)ex).get_Message(), ex); } }
public static ISigner GetSigner(string algorithm) { if (algorithm == null) { throw new ArgumentNullException("algorithm"); } algorithm = Platform.StringToUpper(algorithm); var mechanism = (string)algorithms[algorithm] ?? algorithm; if (mechanism.Equals("RSA")) { return(new RsaDigestSigner(new NullDigest())); } if (mechanism.Equals("MD2withRSA")) { return(new RsaDigestSigner(new MD2Digest())); } if (mechanism.Equals("MD4withRSA")) { return(new RsaDigestSigner(new MD4Digest())); } if (mechanism.Equals("MD5withRSA")) { return(new RsaDigestSigner(new MD5Digest())); } if (mechanism.Equals("SHA-1withRSA")) { return(new RsaDigestSigner(new Sha1Digest())); } if (mechanism.Equals("SHA-224withRSA")) { return(new RsaDigestSigner(new Sha224Digest())); } if (mechanism.Equals("SHA-256withRSA")) { return(new RsaDigestSigner(new Sha256Digest())); } if (mechanism.Equals("SHA-384withRSA")) { return(new RsaDigestSigner(new Sha384Digest())); } if (mechanism.Equals("SHA-512withRSA")) { return(new RsaDigestSigner(new Sha512Digest())); } if (mechanism.Equals("RIPEMD128withRSA")) { return(new RsaDigestSigner(new RipeMD128Digest())); } if (mechanism.Equals("RIPEMD160withRSA")) { return(new RsaDigestSigner(new RipeMD160Digest())); } if (mechanism.Equals("RIPEMD256withRSA")) { return(new RsaDigestSigner(new RipeMD256Digest())); } if (mechanism.Equals("RAWRSASSA-PSS")) { // TODO Add support for other parameter settings return(PssSigner.CreateRawSigner(new RsaBlindedEngine(), new Sha1Digest())); } if (mechanism.Equals("PSSwithRSA")) { // TODO The Sha1Digest here is a default. In JCE version, the actual digest // to be used can be overridden by subsequent parameter settings. return(new PssSigner(new RsaBlindedEngine(), new Sha1Digest())); } if (mechanism.Equals("SHA-1withRSAandMGF1")) { return(new PssSigner(new RsaBlindedEngine(), new Sha1Digest())); } if (mechanism.Equals("SHA-224withRSAandMGF1")) { return(new PssSigner(new RsaBlindedEngine(), new Sha224Digest())); } if (mechanism.Equals("SHA-256withRSAandMGF1")) { return(new PssSigner(new RsaBlindedEngine(), new Sha256Digest())); } if (mechanism.Equals("SHA-384withRSAandMGF1")) { return(new PssSigner(new RsaBlindedEngine(), new Sha384Digest())); } if (mechanism.Equals("SHA-512withRSAandMGF1")) { return(new PssSigner(new RsaBlindedEngine(), new Sha512Digest())); } if (mechanism.Equals("NONEwithDSA")) { return(new DsaDigestSigner(new DsaSigner(), new NullDigest())); } if (mechanism.Equals("SHA-1withDSA")) { return(new DsaDigestSigner(new DsaSigner(), new Sha1Digest())); } if (mechanism.Equals("SHA-224withDSA")) { return(new DsaDigestSigner(new DsaSigner(), new Sha224Digest())); } if (mechanism.Equals("SHA-256withDSA")) { return(new DsaDigestSigner(new DsaSigner(), new Sha256Digest())); } if (mechanism.Equals("SHA-384withDSA")) { return(new DsaDigestSigner(new DsaSigner(), new Sha384Digest())); } if (mechanism.Equals("SHA-512withDSA")) { return(new DsaDigestSigner(new DsaSigner(), new Sha512Digest())); } if (mechanism.Equals("NONEwithECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new NullDigest())); } if (mechanism.Equals("SHA-1withECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new Sha1Digest())); } if (mechanism.Equals("SHA-224withECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new Sha224Digest())); } if (mechanism.Equals("SHA-256withECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new Sha256Digest())); } if (mechanism.Equals("SHA-384withECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new Sha384Digest())); } if (mechanism.Equals("SHA-512withECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new Sha512Digest())); } if (mechanism.Equals("RIPEMD160withECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new RipeMD160Digest())); } if (mechanism.Equals("SHA1WITHECNR")) { return(new DsaDigestSigner(new ECNRSigner(), new Sha1Digest())); } if (mechanism.Equals("SHA224WITHECNR")) { return(new DsaDigestSigner(new ECNRSigner(), new Sha224Digest())); } if (mechanism.Equals("SHA256WITHECNR")) { return(new DsaDigestSigner(new ECNRSigner(), new Sha256Digest())); } if (mechanism.Equals("SHA384WITHECNR")) { return(new DsaDigestSigner(new ECNRSigner(), new Sha384Digest())); } if (mechanism.Equals("SHA512WITHECNR")) { return(new DsaDigestSigner(new ECNRSigner(), new Sha512Digest())); } if (mechanism.Equals("GOST3410")) { return(new Gost3410DigestSigner(new Gost3410Signer(), new Gost3411Digest())); } if (mechanism.Equals("ECGOST3410")) { return(new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411Digest())); } if (mechanism.Equals("SHA1WITHRSA/ISO9796-2")) { return(new Iso9796d2Signer(new RsaBlindedEngine(), new Sha1Digest(), true)); } if (mechanism.Equals("MD5WITHRSA/ISO9796-2")) { return(new Iso9796d2Signer(new RsaBlindedEngine(), new MD5Digest(), true)); } if (mechanism.Equals("RIPEMD160WITHRSA/ISO9796-2")) { return(new Iso9796d2Signer(new RsaBlindedEngine(), new RipeMD160Digest(), true)); } throw new SecurityUtilityException("Signer " + algorithm + " not recognised."); }
public override void PerformTest() { doTestSig(1, pub1, prv1, slt1a, msg1a, sig1a); doTestSig(2, pub1, prv1, slt1b, msg1b, sig1b); doTestSig(3, pub2, prv2, slt2a, msg2a, sig2a); doTestSig(4, pub2, prv2, slt2b, msg2b, sig2b); doTestSig(5, pub4, prv4, slt4a, msg4a, sig4a); doTestSig(6, pub4, prv4, slt4b, msg4b, sig4b); doTestSig(7, pub8, prv8, slt8a, msg8a, sig8a); doTestSig(8, pub8, prv8, slt8b, msg8b, sig8b); doTestSig(9, pub9, prv9, slt9a, msg9a, sig9a); doTestSig(10, pub9, prv9, slt9b, msg9b, sig9b); // // loop test - sha-1 only // PssSigner eng = new PssSigner(new RsaEngine(), new Sha1Digest(), 20); int failed = 0; byte[] data = new byte[DataLength]; SecureRandom random = new SecureRandom(); random.NextBytes(data); for (int j = 0; j < NumTests; j++) { eng.Init(true, new ParametersWithRandom(prv8, random)); eng.BlockUpdate(data, 0, data.Length); byte[] s = eng.GenerateSignature(); eng.Init(false, pub8); eng.BlockUpdate(data, 0, data.Length); if (!eng.VerifySignature(s)) { failed++; } } if (failed != 0) { Fail("loop test failed - failures: " + failed); } // // loop test - sha-256 and sha-1 // eng = new PssSigner(new RsaEngine(), new Sha256Digest(), new Sha1Digest(), 20); failed = 0; data = new byte[DataLength]; random.NextBytes(data); for (int j = 0; j < NumTests; j++) { eng.Init(true, new ParametersWithRandom(prv8, random)); eng.BlockUpdate(data, 0, data.Length); byte[] s = eng.GenerateSignature(); eng.Init(false, pub8); eng.BlockUpdate(data, 0, data.Length); if (!eng.VerifySignature(s)) { failed++; } } if (failed != 0) { Fail("loop test failed - failures: " + failed); } }
public bool Validate(OneKey signerKey) { CBORObject alg; // Get the set algorithm or infer one byte[] bytesToBeSigned = toBeSigned(); alg = FindAttribute(HeaderKeys.Algorithm); if (alg == null) { throw new CoseException("No algorithm specified"); } IDigest digest = null; IDigest digest2 = null; if (alg.Type == CBORType.TextString) { switch (alg.AsString()) { case "ES384": case "PS384": digest = new Sha384Digest(); digest2 = new Sha384Digest(); break; default: throw new CoseException("Unknown signature algorithm"); } } else if (alg.Type == CBORType.Integer) { switch ((AlgorithmValuesInt)alg.AsInt32()) { case AlgorithmValuesInt.ECDSA_256: case AlgorithmValuesInt.RSA_PSS_256: digest = new Sha256Digest(); digest2 = new Sha256Digest(); break; case AlgorithmValuesInt.ECDSA_384: case AlgorithmValuesInt.RSA_PSS_384: digest = new Sha384Digest(); digest2 = new Sha384Digest(); break; case AlgorithmValuesInt.ECDSA_512: case AlgorithmValuesInt.RSA_PSS_512: digest = new Sha512Digest(); digest2 = new Sha512Digest(); break; case AlgorithmValuesInt.EdDSA: break; case AlgorithmValuesInt.HSS_LMS: break; default: throw new CoseException("Unknown signature algorithm"); } } else { throw new CoseException("Algorthm incorrectly encoded"); } if (alg.Type == CBORType.TextString) { switch (alg.AsString()) { default: throw new CoseException("Unknown Algorithm"); } } else if (alg.Type == CBORType.Integer) { switch ((AlgorithmValuesInt)alg.AsInt32()) { case AlgorithmValuesInt.RSA_PSS_256: case AlgorithmValuesInt.RSA_PSS_384: case AlgorithmValuesInt.RSA_PSS_512: { PssSigner signer = new PssSigner(new RsaEngine(), digest, digest2, digest.GetByteLength()); RsaKeyParameters prv = new RsaPrivateCrtKeyParameters(signerKey.AsBigInteger(CoseKeyParameterKeys.RSA_n), signerKey.AsBigInteger(CoseKeyParameterKeys.RSA_e), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_d), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_p), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_q), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_dP), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_dQ), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_qInv)); ParametersWithRandom param = new ParametersWithRandom(prv, GetPRNG()); signer.Init(false, param); signer.BlockUpdate(bytesToBeSigned, 0, bytesToBeSigned.Length); return(signer.VerifySignature(_rgbSignature)); } case AlgorithmValuesInt.ECDSA_256: case AlgorithmValuesInt.ECDSA_384: case AlgorithmValuesInt.ECDSA_512: { digest.BlockUpdate(bytesToBeSigned, 0, bytesToBeSigned.Length); byte[] digestedMessage = new byte[digest.GetDigestSize()]; digest.DoFinal(digestedMessage, 0); X9ECParameters p = signerKey.GetCurve(); ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H); ECPoint point = signerKey.GetPoint(); ECPublicKeyParameters param = new ECPublicKeyParameters(point, parameters); ECDsaSigner ecdsa = new ECDsaSigner(); ecdsa.Init(false, param); BigInteger r = new BigInteger(1, _rgbSignature, 0, _rgbSignature.Length / 2); BigInteger s = new BigInteger(1, _rgbSignature, _rgbSignature.Length / 2, _rgbSignature.Length / 2); return(ecdsa.VerifySignature(digestedMessage, r, s)); } #if true case AlgorithmValuesInt.EdDSA: { ISigner eddsa; if (signerKey[CoseKeyParameterKeys.EC_Curve].Equals(GeneralValues.Ed25519)) { Ed25519PublicKeyParameters privKey = new Ed25519PublicKeyParameters(signerKey[CoseKeyParameterKeys.OKP_X].GetByteString(), 0); eddsa = new Ed25519Signer(); eddsa.Init(false, privKey); } else if (signerKey[CoseKeyParameterKeys.EC_Curve].Equals(GeneralValues.Ed448)) { Ed448PublicKeyParameters privKey = new Ed448PublicKeyParameters(signerKey[CoseKeyParameterKeys.OKP_X].GetByteString(), 0); eddsa = new Ed448Signer(new byte[0]); eddsa.Init(false, privKey); } else { throw new CoseException("Unrecognized curve"); } eddsa.BlockUpdate(bytesToBeSigned, 0, bytesToBeSigned.Length); return(eddsa.VerifySignature(_rgbSignature)); } #endif case AlgorithmValuesInt.HSS_LMS: return(HashSig.Validate(bytesToBeSigned, signerKey[CoseKeyParameterKeys.Lms_Public].GetByteString(), _rgbSignature)); default: throw new CoseException("Unknown Algorithm"); } } else { throw new CoseException("Algorithm incorrectly encoded"); } }
private byte[] _Sign(byte[] bytesToBeSigned) { CBORObject alg; // Get the set algorithm or infer one if (rgbContent == null) { throw new CoseException("No Content Specified"); } alg = FindAttribute(HeaderKeys.Algorithm); if (alg == null) { if (_keyToSign[CoseKeyKeys.KeyType].Type == CBORType.Integer) { switch ((GeneralValuesInt)_keyToSign[CoseKeyKeys.KeyType].AsInt32()) { case GeneralValuesInt.KeyType_RSA: alg = AlgorithmValues.RSA_PSS_256; break; case GeneralValuesInt.KeyType_EC2: if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Type == CBORType.Integer) { switch ((GeneralValuesInt)_keyToSign[CoseKeyParameterKeys.EC_Curve].AsInt32()) { case GeneralValuesInt.P256: alg = AlgorithmValues.ECDSA_256; break; case GeneralValuesInt.P521: alg = AlgorithmValues.ECDSA_512; break; default: throw new CoseException("Unknown curve"); } } else if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Type == CBORType.TextString) { switch (_keyToSign[CoseKeyParameterKeys.EC_Curve].AsString()) { case "P-384": alg = CBORObject.FromObject("ES384"); break; default: throw new CoseException("Unknown curve"); } } else { throw new CoseException("Curve is incorrectly encoded"); } break; case GeneralValuesInt.KeyType_OKP: if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Type == CBORType.Integer) { switch ((GeneralValuesInt)_keyToSign[CoseKeyParameterKeys.EC_Curve].AsInt32()) { case GeneralValuesInt.Ed25519: alg = AlgorithmValues.EdDSA; break; case GeneralValuesInt.Ed448: alg = AlgorithmValues.EdDSA; break; default: throw new CoseException("Unknown curve"); } } else if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Type == CBORType.TextString) { switch (_keyToSign[CoseKeyParameterKeys.EC_Curve].AsString()) { default: throw new CoseException("Unknown curve"); } } else { throw new CoseException("Curve is incorrectly encoded"); } break; default: throw new CoseException("Unknown or unsupported key type " + _keyToSign.AsString("kty")); } } else if (_keyToSign[CoseKeyKeys.KeyType].Type == CBORType.TextString) { throw new CoseException("Unknown or unsupported key type " + _keyToSign[CoseKeyKeys.KeyType].AsString()); } else { throw new CoseException("Key type is not correctly encoded"); } UnprotectedMap.Add(HeaderKeys.Algorithm, alg); } IDigest digest = null; IDigest digest2 = null; if (alg.Type == CBORType.TextString) { switch (alg.AsString()) { case "ES384": case "PS384": digest = new Sha384Digest(); digest2 = new Sha384Digest(); break; default: throw new CoseException("Unknown Algorithm Specified"); } } else if (alg.Type == CBORType.Integer) { switch ((AlgorithmValuesInt)alg.AsInt32()) { case AlgorithmValuesInt.ECDSA_256: case AlgorithmValuesInt.RSA_PSS_256: digest = new Sha256Digest(); digest2 = new Sha256Digest(); break; case AlgorithmValuesInt.ECDSA_384: case AlgorithmValuesInt.RSA_PSS_384: digest = new Sha384Digest(); digest2 = new Sha384Digest(); break; case AlgorithmValuesInt.ECDSA_512: case AlgorithmValuesInt.RSA_PSS_512: digest = new Sha512Digest(); digest2 = new Sha512Digest(); break; case AlgorithmValuesInt.EdDSA: break; case AlgorithmValuesInt.HSS_LMS: break; default: throw new CoseException("Unknown Algorithm Specified"); } } else { throw new CoseException("Algorithm incorrectly encoded"); } if (alg.Type == CBORType.TextString) { switch (alg.AsString()) { default: throw new CoseException("Unknown Algorithm Specified"); } } else if (alg.Type == CBORType.Integer) { switch ((AlgorithmValuesInt)alg.AsInt32()) { case AlgorithmValuesInt.RSA_PSS_256: case AlgorithmValuesInt.RSA_PSS_384: case AlgorithmValuesInt.RSA_PSS_512: { PssSigner signer = new PssSigner(new RsaEngine(), digest, digest2, digest.GetByteLength()); RsaKeyParameters prv = new RsaPrivateCrtKeyParameters( _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_n), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_e), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_d), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_p), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_q), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_dP), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_dQ), _keyToSign.AsBigInteger(CoseKeyParameterKeys.RSA_qInv)); ParametersWithRandom param = new ParametersWithRandom(prv, GetPRNG()); signer.Init(true, param); signer.BlockUpdate(bytesToBeSigned, 0, bytesToBeSigned.Length); return(signer.GenerateSignature()); } case AlgorithmValuesInt.ECDSA_256: case AlgorithmValuesInt.ECDSA_384: case AlgorithmValuesInt.ECDSA_512: { CBORObject privateKeyD = _keyToSign[CoseKeyParameterKeys.EC_D]; if (privateKeyD == null) { throw new CoseException("Private key required to sign"); } SecureRandom random = GetPRNG(); digest.BlockUpdate(bytesToBeSigned, 0, bytesToBeSigned.Length); byte[] digestedMessage = new byte[digest.GetDigestSize()]; digest.DoFinal(digestedMessage, 0); X9ECParameters p = _keyToSign.GetCurve(); ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H); ECPrivateKeyParameters privKey = new ECPrivateKeyParameters("ECDSA", ConvertBigNum(privateKeyD), parameters); ParametersWithRandom param = new ParametersWithRandom(privKey, random); ECDsaSigner ecdsa = new ECDsaSigner(new HMacDsaKCalculator(new Sha256Digest())); ecdsa.Init(true, param); BigInteger[] sigLms = ecdsa.GenerateSignature(digestedMessage); byte[] r = sigLms[0].ToByteArrayUnsigned(); byte[] s = sigLms[1].ToByteArrayUnsigned(); int cbR = (p.Curve.FieldSize + 7) / 8; byte[] sigs = new byte[cbR * 2]; Array.Copy(r, 0, sigs, cbR - r.Length, r.Length); Array.Copy(s, 0, sigs, cbR + cbR - s.Length, s.Length); return(sigs); } #if true case AlgorithmValuesInt.EdDSA: { ISigner eddsa; if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Equals(GeneralValues.Ed25519)) { Ed25519PrivateKeyParameters privKey = new Ed25519PrivateKeyParameters(_keyToSign[CoseKeyParameterKeys.OKP_D].GetByteString(), 0); eddsa = new Ed25519Signer(); eddsa.Init(true, privKey); } else if (_keyToSign[CoseKeyParameterKeys.EC_Curve].Equals(GeneralValues.Ed448)) { Ed448PrivateKeyParameters privKey = new Ed448PrivateKeyParameters(_keyToSign[CoseKeyParameterKeys.OKP_D].GetByteString(), 0); eddsa = new Ed448Signer(new byte[0]); eddsa.Init(true, privKey); } else { throw new CoseException("Unrecognized curve"); } eddsa.BlockUpdate(bytesToBeSigned, 0, bytesToBeSigned.Length); return(eddsa.GenerateSignature()); } #endif case AlgorithmValuesInt.HSS_LMS: HashSig sig = new HashSig(_keyToSign[CoseKeyParameterKeys.Lms_Private].AsString()); byte[] signBytes = sig.Sign(bytesToBeSigned); _keyToSign.Replace(CoseKeyParameterKeys.Lms_Private, CBORObject.FromObject(sig.PrivateKey)); return(signBytes); default: throw new CoseException("Unknown Algorithm Specified"); } } else { throw new CoseException("Algorithm incorrectly encoded"); } }
public static ISigner GetSigner( string algorithm) { if (algorithm == null) { throw new ArgumentNullException("algorithm"); } algorithm = Platform.ToUpperInvariant(algorithm); string mechanism = (string)algorithms[algorithm]; if (mechanism == null) { mechanism = algorithm; } if (Platform.StartsWith(mechanism, "Ed")) { if (mechanism.Equals("Ed25519")) { return(new Ed25519Signer()); } if (mechanism.Equals("Ed25519ctx")) { return(new Ed25519ctxSigner(Arrays.EmptyBytes)); } if (mechanism.Equals("Ed25519ph")) { return(new Ed25519phSigner(Arrays.EmptyBytes)); } if (mechanism.Equals("Ed448")) { return(new Ed448Signer(Arrays.EmptyBytes)); } if (mechanism.Equals("Ed448ph")) { return(new Ed448phSigner(Arrays.EmptyBytes)); } } if (mechanism.Equals("RSA")) { return(new RsaDigestSigner(new NullDigest(), (AlgorithmIdentifier)null)); } if (mechanism.Equals("RAWRSASSA-PSS")) { // TODO Add support for other parameter settings return(PssSigner.CreateRawSigner(new RsaBlindedEngine(), new Sha1Digest())); } if (mechanism.Equals("PSSwithRSA")) { // TODO The Sha1Digest here is a default. In JCE version, the actual digest // to be used can be overridden by subsequent parameter settings. return(new PssSigner(new RsaBlindedEngine(), new Sha1Digest())); } if (Platform.EndsWith(mechanism, "withRSA")) { string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); IDigest digest = DigestUtilities.GetDigest(digestName); return(new RsaDigestSigner(digest)); } if (Platform.EndsWith(mechanism, "withRSAandMGF1")) { string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); IDigest digest = DigestUtilities.GetDigest(digestName); return(new PssSigner(new RsaBlindedEngine(), digest)); } if (Platform.EndsWith(mechanism, "withDSA")) { string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); IDigest digest = DigestUtilities.GetDigest(digestName); return(new DsaDigestSigner(new DsaSigner(), digest)); } if (Platform.EndsWith(mechanism, "withECDSA")) { string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); IDigest digest = DigestUtilities.GetDigest(digestName); return(new DsaDigestSigner(new ECDsaSigner(), digest)); } if (Platform.EndsWith(mechanism, "withCVC-ECDSA") || Platform.EndsWith(mechanism, "withPLAIN-ECDSA")) { string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); IDigest digest = DigestUtilities.GetDigest(digestName); return(new DsaDigestSigner(new ECDsaSigner(), digest, PlainDsaEncoding.Instance)); } if (Platform.EndsWith(mechanism, "withECNR")) { string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); IDigest digest = DigestUtilities.GetDigest(digestName); return(new DsaDigestSigner(new ECNRSigner(), digest)); } if (Platform.EndsWith(mechanism, "withSM2")) { string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); IDigest digest = DigestUtilities.GetDigest(digestName); return(new SM2Signer(digest)); } if (mechanism.Equals("GOST3410") || mechanism.Equals("GOST3411WITHGOST3410")) { return(new Gost3410DigestSigner(new Gost3410Signer(), new Gost3411Digest())); } if (mechanism.Equals("ECGOST3410") || mechanism.Equals("GOST3411WITHECGOST3410")) { return(new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411Digest())); } if (mechanism.Equals("GOST3411_2012_256WITHECGOST3410")) { return(new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411_2012_256Digest())); } if (mechanism.Equals("GOST3411_2012_512WITHECGOST3410")) { return(new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411_2012_512Digest())); } if (mechanism.Equals("SHA1WITHRSA/ISO9796-2")) { return(new Iso9796d2Signer(new RsaBlindedEngine(), new Sha1Digest(), true)); } if (mechanism.Equals("MD5WITHRSA/ISO9796-2")) { return(new Iso9796d2Signer(new RsaBlindedEngine(), new MD5Digest(), true)); } if (mechanism.Equals("RIPEMD160WITHRSA/ISO9796-2")) { return(new Iso9796d2Signer(new RsaBlindedEngine(), new RipeMD160Digest(), true)); } if (Platform.EndsWith(mechanism, "/X9.31")) { string x931 = mechanism.Substring(0, mechanism.Length - "/X9.31".Length); int withPos = Platform.IndexOf(x931, "WITH"); if (withPos > 0) { int endPos = withPos + "WITH".Length; string digestName = x931.Substring(0, withPos); IDigest digest = DigestUtilities.GetDigest(digestName); string cipherName = x931.Substring(endPos, x931.Length - endPos); if (cipherName.Equals("RSA")) { IAsymmetricBlockCipher cipher = new RsaBlindedEngine(); return(new X931Signer(cipher, digest)); } } } throw new SecurityUtilityException("Signer " + algorithm + " not recognised."); }
public static ISigner GetSigner(string algorithm) { if (algorithm == null) { throw new ArgumentNullException("algorithm"); } algorithm = Platform.ToUpperInvariant(algorithm); string text = (string)SignerUtilities.algorithms[algorithm]; if (text == null) { text = algorithm; } if (text.Equals("RSA")) { return(new RsaDigestSigner(new NullDigest(), null)); } if (text.Equals("MD2withRSA")) { return(new RsaDigestSigner(new MD2Digest())); } if (text.Equals("MD4withRSA")) { return(new RsaDigestSigner(new MD4Digest())); } if (text.Equals("MD5withRSA")) { return(new RsaDigestSigner(new MD5Digest())); } if (text.Equals("SHA-1withRSA")) { return(new RsaDigestSigner(new Sha1Digest())); } if (text.Equals("SHA-224withRSA")) { return(new RsaDigestSigner(new Sha224Digest())); } if (text.Equals("SHA-256withRSA")) { return(new RsaDigestSigner(new Sha256Digest())); } if (text.Equals("SHA-384withRSA")) { return(new RsaDigestSigner(new Sha384Digest())); } if (text.Equals("SHA-512withRSA")) { return(new RsaDigestSigner(new Sha512Digest())); } if (text.Equals("RIPEMD128withRSA")) { return(new RsaDigestSigner(new RipeMD128Digest())); } if (text.Equals("RIPEMD160withRSA")) { return(new RsaDigestSigner(new RipeMD160Digest())); } if (text.Equals("RIPEMD256withRSA")) { return(new RsaDigestSigner(new RipeMD256Digest())); } if (text.Equals("RAWRSASSA-PSS")) { return(PssSigner.CreateRawSigner(new RsaBlindedEngine(), new Sha1Digest())); } if (text.Equals("PSSwithRSA")) { return(new PssSigner(new RsaBlindedEngine(), new Sha1Digest())); } if (text.Equals("SHA-1withRSAandMGF1")) { return(new PssSigner(new RsaBlindedEngine(), new Sha1Digest())); } if (text.Equals("SHA-224withRSAandMGF1")) { return(new PssSigner(new RsaBlindedEngine(), new Sha224Digest())); } if (text.Equals("SHA-256withRSAandMGF1")) { return(new PssSigner(new RsaBlindedEngine(), new Sha256Digest())); } if (text.Equals("SHA-384withRSAandMGF1")) { return(new PssSigner(new RsaBlindedEngine(), new Sha384Digest())); } if (text.Equals("SHA-512withRSAandMGF1")) { return(new PssSigner(new RsaBlindedEngine(), new Sha512Digest())); } if (text.Equals("NONEwithDSA")) { return(new DsaDigestSigner(new DsaSigner(), new NullDigest())); } if (text.Equals("SHA-1withDSA")) { return(new DsaDigestSigner(new DsaSigner(), new Sha1Digest())); } if (text.Equals("SHA-224withDSA")) { return(new DsaDigestSigner(new DsaSigner(), new Sha224Digest())); } if (text.Equals("SHA-256withDSA")) { return(new DsaDigestSigner(new DsaSigner(), new Sha256Digest())); } if (text.Equals("SHA-384withDSA")) { return(new DsaDigestSigner(new DsaSigner(), new Sha384Digest())); } if (text.Equals("SHA-512withDSA")) { return(new DsaDigestSigner(new DsaSigner(), new Sha512Digest())); } if (text.Equals("NONEwithECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new NullDigest())); } if (text.Equals("SHA-1withECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new Sha1Digest())); } if (text.Equals("SHA-224withECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new Sha224Digest())); } if (text.Equals("SHA-256withECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new Sha256Digest())); } if (text.Equals("SHA-384withECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new Sha384Digest())); } if (text.Equals("SHA-512withECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new Sha512Digest())); } if (text.Equals("RIPEMD160withECDSA")) { return(new DsaDigestSigner(new ECDsaSigner(), new RipeMD160Digest())); } if (text.Equals("SHA1WITHECNR")) { return(new DsaDigestSigner(new ECNRSigner(), new Sha1Digest())); } if (text.Equals("SHA224WITHECNR")) { return(new DsaDigestSigner(new ECNRSigner(), new Sha224Digest())); } if (text.Equals("SHA256WITHECNR")) { return(new DsaDigestSigner(new ECNRSigner(), new Sha256Digest())); } if (text.Equals("SHA384WITHECNR")) { return(new DsaDigestSigner(new ECNRSigner(), new Sha384Digest())); } if (text.Equals("SHA512WITHECNR")) { return(new DsaDigestSigner(new ECNRSigner(), new Sha512Digest())); } if (text.Equals("GOST3410")) { return(new Gost3410DigestSigner(new Gost3410Signer(), new Gost3411Digest())); } if (text.Equals("ECGOST3410")) { return(new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411Digest())); } if (text.Equals("SHA1WITHRSA/ISO9796-2")) { return(new Iso9796d2Signer(new RsaBlindedEngine(), new Sha1Digest(), true)); } if (text.Equals("MD5WITHRSA/ISO9796-2")) { return(new Iso9796d2Signer(new RsaBlindedEngine(), new MD5Digest(), true)); } if (text.Equals("RIPEMD160WITHRSA/ISO9796-2")) { return(new Iso9796d2Signer(new RsaBlindedEngine(), new RipeMD160Digest(), true)); } if (text.EndsWith("/X9.31")) { string text2 = text.Substring(0, text.Length - "/X9.31".Length); int num = text2.IndexOf("WITH"); if (num > 0) { int num2 = num + "WITH".Length; string algorithm2 = text2.Substring(0, num); IDigest digest = DigestUtilities.GetDigest(algorithm2); string text3 = text2.Substring(num2, text2.Length - num2); if (text3.Equals("RSA")) { IAsymmetricBlockCipher cipher = new RsaBlindedEngine(); return(new X931Signer(cipher, digest)); } } } throw new SecurityUtilityException("Signer " + algorithm + " not recognised."); }