public RecipientOperator GetRecipientOperator(AlgorithmIdentifier keyEncAlg, AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentKey)
{
byte[] keyBytes = null;
AsymmetricRsaPrivateKey rsaKey = privKey as AsymmetricRsaPrivateKey;
if (rsaKey != null)
{
// random required for blinding operations
keyBytes = CryptoServicesRegistrar.CreateService(rsaKey, random != null ? random: CryptoServicesRegistrar.GetSecureRandom()).CreateKeyUnwrapper(FipsRsa.WrapOaep.WithDigest(FipsShs.Sha1)).Unwrap(encryptedContentKey, 0, encryptedContentKey.Length).Collect();
}
IParameters <Algorithm> cipherParams = Utils.GetCipherParameters(contentEncryptionAlgorithm);
ICipherBuilder <AlgorithmIdentifier> decryptor;
if (Utils.IsBlockMode(cipherParams.Algorithm))
{
decryptor = new PkixBlockCipherBuilder(contentEncryptionAlgorithm, Utils.CreateBlockDecryptorBuilder(contentEncryptionAlgorithm, keyBytes, cipherParams));
}
else if (Utils.IsAeadMode(cipherParams.Algorithm))
{
decryptor = new PkixAeadCipherBuilder(contentEncryptionAlgorithm, Utils.CreateAeadDecryptorBuilder(contentEncryptionAlgorithm, keyBytes, cipherParams));
}
else
{
decryptor = new PkixCipherBuilder(contentEncryptionAlgorithm, Utils.CreateDecryptorBuilder(contentEncryptionAlgorithm, keyBytes, cipherParams));
}
return(new RecipientOperator(decryptor));
}
/// <summary>
/// Build a MAC factory based on the current configuration, keyed using password.
/// </summary>
/// <param name="password">the password to derive the MAC key from.</param>
/// <returns>a new MAC factory for PKCS#12</returns>
public IMacFactory <Pkcs12MacAlgDescriptor> Build(char[] password)
{
IPasswordBasedDeriver <Pbkd.PbkdParameters> deriver = CryptoServicesRegistrar.CreateService(Pbkd.Pkcs12).From(PasswordConverter.PKCS12, password)
.WithPrf(prf).WithSalt(salt).WithIterationCount(iterationCount).Build();
return(new Pkcs12MacFactory(new Pkcs12MacAlgDescriptor((AlgorithmIdentifier)Utils.pkcs12MacAlgIds[prf], salt, iterationCount), password));
}
internal SecretKeyDecryptor(SymmetricKeyAlgorithmTag symAlg, byte[] key, byte[] iv, S2k s2k, IDigestFactory <PgpDigestTypeIdentifier> checksumCalculatorFactory)
{
FipsTripleDes.ParametersWithIV parameters;
parameters = FipsTripleDes.Cfb64.WithIV(iv);
this.s2k = s2k;
cipherBuilder = CryptoServicesRegistrar.CreateService(new FipsTripleDes.Key(key)).CreateDecryptorBuilder(FipsTripleDes.Cfb64.WithIV(iv));
}
public SigWithDigestFactory(PublicKeyAlgorithmTag keyAlg, HashAlgorithmTag hashAlg, long keyId, AsymmetricRsaPrivateKey privateKey)
{
this.keyAlg = keyAlg;
this.hashAlg = hashAlg;
this.keyId = keyId;
this.privateKey = privateKey;
sigFact = CryptoServicesRegistrar.CreateService(privateKey, new SecureRandom()).CreateSignatureFactory(FipsRsa.Pkcs1v15.WithDigest((FipsDigestAlgorithm)PgpUtils.digests[hashAlg]));
digFact = CryptoServicesRegistrar.CreateService((FipsShs.Parameters)PgpUtils.digests[hashAlg]);
}
internal Pkcs12MacFactory(Pkcs12MacAlgDescriptor algDetails, char[] password)
{
this.algDetails = algDetails;
DigestAlgorithm prf = (DigestAlgorithm)Utils.digestTable[algDetails.DigestAlgorithm.Algorithm];
IPasswordBasedDeriver <Pbkd.PbkdParameters> deriver = CryptoServicesRegistrar.CreateService(Pbkd.Pkcs12).From(PasswordConverter.PKCS12, password)
.WithPrf(prf).WithSalt(algDetails.GetIV()).WithIterationCount(algDetails.IterationCount).Build();
this.baseFactory = CryptoServicesRegistrar.CreateService(new FipsShs.Key(FipsShs.Sha1HMac, deriver.DeriveKey(TargetKeyType.MAC, (int)Utils.digestSize[prf]))).CreateMacFactory((FipsShs.AuthenticationParameters)Utils.pkcs12MacIds[prf]);
}
public byte[] CalculateFingerprint(PublicKeyPacket publicPk)
{
IBcpgKey key = publicPk.Key;
if (publicPk.Version <= 3)
{
RsaPublicBcpgKey rK = (RsaPublicBcpgKey)key;
try
{
// TODO: MD5 needs to go in the main API...
MD5Digest digest = new MD5Digest();
byte[] bytes = new MPInteger(rK.Modulus).GetEncoded();
digest.BlockUpdate(bytes, 2, bytes.Length - 2);
bytes = new MPInteger(rK.PublicExponent).GetEncoded();
digest.BlockUpdate(bytes, 2, bytes.Length - 2);
byte[] digBuf = new byte[digest.GetDigestSize()];
digest.DoFinal(digBuf, 0);
return(digBuf);
}
catch (IOException e)
{
throw new PgpException("can't encode key components: " + e.Message, e);
}
}
else
{
try
{
byte[] kBytes = publicPk.GetEncodedContents();
IStreamCalculator <IBlockResult> hashCalc = CryptoServicesRegistrar.CreateService(FipsShs.Sha1).CreateCalculator();
Stream hStream = hashCalc.Stream;
hStream.WriteByte((byte)0x99);
hStream.WriteByte((byte)(kBytes.Length >> 8));
hStream.WriteByte((byte)kBytes.Length);
hStream.Write(kBytes, 0, kBytes.Length);
hStream.Close();
return(hashCalc.GetResult().Collect());
}
catch (IOException e)
{
throw new PgpException("can't encode key components: " + e.Message, e);
}
}
}
protected override byte[] GenerateWrappedKey(ISymmetricKey contentKey)
{
AsymmetricRsaPublicKey rsaKey = asymmetricPublicKey as AsymmetricRsaPublicKey;
if (rsaKey != null)
{
IKeyWrapper <FipsRsa.OaepWrapParameters> wrapper = CryptoServicesRegistrar.CreateService(rsaKey, new Security.SecureRandom()).CreateKeyWrapper(FipsRsa.WrapOaep.WithDigest(FipsShs.Sha1));
byte[] encKey = wrapper.Wrap(contentKey.GetKeyBytes()).Collect();
return(encKey);
}
throw new InvalidOperationException("algorithm for public key not matched");
}
internal static IBlockCipherBuilder <IParameters <Algorithm> > CreateBlockEncryptorBuilder(AlgorithmIdentifier encScheme, byte[] derivedKey, byte[] iv)
{
DerObjectIdentifier encSchemeAlg = encScheme.Algorithm;
if (encSchemeAlg.Equals(PkcsObjectIdentifiers.PbeWithShaAnd2KeyTripleDesCbc))
{
IBlockCipherService service = CryptoServicesRegistrar.CreateService(new FipsTripleDes.Key(derivedKey));
return(service.CreateBlockEncryptorBuilder(FipsTripleDes.Cbc.WithIV(iv)));
}
if (encSchemeAlg.Equals(PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc))
{
IBlockCipherService service = CryptoServicesRegistrar.CreateService(new FipsTripleDes.Key(derivedKey));
return(service.CreateBlockEncryptorBuilder(FipsTripleDes.Cbc.WithIV(iv)));
}
throw new ArgumentException("cannot match decryption algorithm");
}
internal static IAeadCipherBuilder <IParameters <Algorithm> > CreateAeadEncryptorBuilder(DerObjectIdentifier keyEncAlgorithm, byte[] derivedKey, IParameters <Algorithm> parameters)
{
DerObjectIdentifier encSchemeAlg = keyEncAlgorithm;
if (encSchemeAlg.On(NistObjectIdentifiers.Aes))
{
IAeadBlockCipherService service = CryptoServicesRegistrar.CreateService(new FipsAes.Key(derivedKey));
if (encSchemeAlg.Equals(NistObjectIdentifiers.IdAes128Ccm) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes192Ccm) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes256Ccm))
{
return(service.CreateAeadEncryptorBuilder((FipsAes.AuthenticationParametersWithIV)parameters));
}
if (encSchemeAlg.Equals(NistObjectIdentifiers.IdAes128Gcm) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes192Gcm) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes256Gcm))
{
return(service.CreateAeadEncryptorBuilder((FipsAes.AuthenticationParametersWithIV)parameters));
}
}
throw new ArgumentException("cannot match encryption algorithm");
}
internal static ICipherBuilder <IParameters <Algorithm> > CreateDecryptorBuilder(AlgorithmIdentifier encScheme, byte[] derivedKey, IParameters <Algorithm> parameters)
{
DerObjectIdentifier encSchemeAlg = encScheme.Algorithm;
if (encSchemeAlg.On(NistObjectIdentifiers.Aes))
{
IAeadBlockCipherService service = CryptoServicesRegistrar.CreateService(new FipsAes.Key(derivedKey));
if (encSchemeAlg.Equals(NistObjectIdentifiers.IdAes128Cfb) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes192Cfb) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes256Cfb))
{
return(service.CreateDecryptorBuilder(parameters));
}
if (encSchemeAlg.Equals(NistObjectIdentifiers.IdAes128Ofb) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes192Ofb) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes256Ofb))
{
return(service.CreateDecryptorBuilder(parameters));
}
}
throw new ArgumentException("cannot match decryption algorithm");
}
public IVerifierFactory <AlgorithmIdentifier> CreateVerifierFactory(AlgorithmIdentifier signatureAlgorithmID, AlgorithmIdentifier digestAlgorithmID)
{
IVerifierFactory <IParameters <Algorithm> > baseVerifier;
AsymmetricRsaPublicKey rsaKey = publicKey as AsymmetricRsaPublicKey;
if (rsaKey != null)
{
IVerifierFactoryService verifierService = CryptoServicesRegistrar.CreateService(rsaKey);
if (signatureAlgorithmID.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss))
{
FipsRsa.PssSignatureParameters pssParams = FipsRsa.Pss;
RsassaPssParameters sigParams = RsassaPssParameters.GetInstance(signatureAlgorithmID.Parameters);
pssParams = pssParams.WithDigest((FipsDigestAlgorithm)Utils.digestTable[sigParams.HashAlgorithm.Algorithm]);
AlgorithmIdentifier mgfDigAlg = AlgorithmIdentifier.GetInstance(AlgorithmIdentifier.GetInstance(sigParams.MaskGenAlgorithm).Parameters);
pssParams = pssParams.WithMgfDigest((FipsDigestAlgorithm)Utils.digestTable[mgfDigAlg.Algorithm]);
pssParams = pssParams.WithSaltLength(sigParams.SaltLength.Value.IntValue);
return(CreateVerifierFactory(signatureAlgorithmID, verifierService.CreateVerifierFactory(pssParams), certificate));
}
else if (PkixVerifierFactoryProvider.pkcs1Table.Contains(signatureAlgorithmID.Algorithm))
{
FipsRsa.SignatureParameters rsaParams = FipsRsa.Pkcs1v15.WithDigest((FipsDigestAlgorithm)PkixVerifierFactoryProvider.pkcs1Table[signatureAlgorithmID.Algorithm]);
return(CreateVerifierFactory(signatureAlgorithmID, verifierService.CreateVerifierFactory(rsaParams), certificate));
}
else if (signatureAlgorithmID.Algorithm.Equals(PkcsObjectIdentifiers.RsaEncryption))
{
FipsRsa.SignatureParameters rsaParams = FipsRsa.Pkcs1v15.WithDigest((FipsDigestAlgorithm)Utils.digestTable[digestAlgorithmID.Algorithm]);
return(CreateVerifierFactory(signatureAlgorithmID, verifierService.CreateVerifierFactory(rsaParams), certificate));
}
}
throw new ArgumentException("cannot match signature algorithm: " + signatureAlgorithmID.Algorithm);
}
private static byte[] getKey(
char[] password,
int keyLength,
byte[] salt,
bool des2)
{
IPasswordBasedDeriver <Pbkd.OpenSslParameters> paramsGen = CryptoServicesRegistrar.CreateService(Pbkd.OpenSsl).From(PasswordConverter.ASCII.Convert(password)).WithSalt(salt).Build();
byte[] derivedKey = paramsGen.DeriveKey(TargetKeyType.CIPHER, keyLength);
if (des2 && derivedKey.Length == 24)
{
// For DES2, we must copy first 8 bytes into the last 8 bytes.
byte[] key = derivedKey;
Array.Copy(key, 0, key, 16, 8);
return(key);
}
return(derivedKey);
}
internal SecretKeyEncryptor(SymmetricKeyAlgorithmTag symAlg, byte[] key, byte[] iv, S2k s2k, IDigestFactory <PgpDigestTypeIdentifier> checksumCalculatorFactory)
{
FipsTripleDes.ParametersWithIV parameters;
if (iv != null)
{
parameters = FipsTripleDes.Cfb64.WithIV(iv);
this.iv = iv;
}
else
{
if (this.random == null)
{
this.random = new SecureRandom();
}
parameters = FipsTripleDes.Cfb64.WithIV(random);
this.iv = parameters.GetIV();
}
this.s2k = s2k;
cipherBuilder = CryptoServicesRegistrar.CreateService(new FipsTripleDes.Key(key)).CreateEncryptorBuilder(FipsTripleDes.Cfb64.WithIV(iv));
}
public ICipherBuilder <AlgorithmIdentifier> Build(char[] password)
{
if (algorithm.Equals(PkcsObjectIdentifiers.IdPbeS2))
{
IPasswordBasedDeriverBuilder <FipsPbkd.Parameters> pbeDeriverBuilder = CryptoServicesRegistrar.CreateService(FipsPbkd.PbkdF2).From(converter, password);
IPasswordBasedDeriver <FipsPbkd.Parameters> pbeDeriver = pbeDeriverBuilder
.WithPrf(digestAlgorithm)
.WithSalt(salt)
.WithIterationCount(iterationCount)
.Build();
byte[] keyEnc = pbeDeriver.DeriveKey(TargetKeyType.CIPHER, (int)Utils.keySizesInBytes[keyEncAlgorithm]);
EncryptionScheme encScheme = Utils.GetEncryptionSchemeIdentifier(keyEncAlgorithm, random);
PbeS2Parameters algParams = new PbeS2Parameters(
new KeyDerivationFunc(PkcsObjectIdentifiers.IdPbkdf2, new Pbkdf2Params(salt, iterationCount,
new AlgorithmIdentifier((DerObjectIdentifier)Utils.digestTable[digestAlgorithm], DerNull.Instance))),
encScheme);
IParameters <Algorithm> cipherParams = Utils.GetCipherParameters(encScheme);
if (Utils.IsBlockMode(cipherParams.Algorithm))
{
return(new PbeBlockCipherBuilder(new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPbeS2, algParams), Utils.CreateBlockEncryptorBuilder(keyEncAlgorithm, keyEnc, cipherParams)));
}
else if (Utils.IsAeadMode(cipherParams.Algorithm))
{
return(new PkixAeadCipherBuilder(new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPbeS2, algParams), Utils.CreateAeadEncryptorBuilder(keyEncAlgorithm, keyEnc, cipherParams)));
}
else
{
return(new PkixCipherBuilder(new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPbeS2, algParams), Utils.CreateEncryptorBuilder(keyEncAlgorithm, keyEnc, cipherParams)));
}
}
else if (algorithm.Equals(PkcsObjectIdentifiers.PbeWithShaAnd2KeyTripleDesCbc) ||
algorithm.Equals(PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc))
{
int keySize = algorithm.Equals(PkcsObjectIdentifiers.PbeWithShaAnd2KeyTripleDesCbc) ? 16 : 24;
Pkcs12PbeParams pbeParams = new Pkcs12PbeParams(salt, iterationCount);
// we ignore converter as it's specified by the algorithm
IPasswordBasedDeriverBuilder <Pbkd.PbkdParameters> pbeDeriverBuilder = CryptoServicesRegistrar.CreateService(Pbkd.Pkcs12).From(PasswordConverter.PKCS12, password);
IPasswordBasedDeriver <Pbkd.PbkdParameters> pbeDeriver = pbeDeriverBuilder
.WithPrf(FipsShs.Sha1)
.WithSalt(pbeParams.GetIV())
.WithIterationCount(pbeParams.Iterations.IntValue)
.Build();
byte[][] keyIV = pbeDeriver.DeriveKeyAndIV(TargetKeyType.CIPHER, keySize, 8);
AlgorithmIdentifier algDetails = new AlgorithmIdentifier(algorithm, pbeParams);
return(new PbeBlockCipherBuilder(algDetails, Utils.CreateBlockEncryptorBuilder(algDetails, keyIV[0], keyIV[1])));
}
throw new InvalidOperationException("cannot match algorithm: " + algorithm);
}
public PkixDigestFactory(AlgorithmIdentifier algorithmID)
{
this.algorithmID = algorithmID;
this.digestFact = CryptoServicesRegistrar.CreateService((FipsShs.Parameters)Utils.digestTable[algorithmID.Algorithm]);
}
public ICipherBuilder <AlgorithmIdentifier> CreateDecryptorBuilder(AlgorithmIdentifier algorithmDetails)
{
if (algorithmDetails.Algorithm.Equals(PkcsObjectIdentifiers.IdPbeS2))
{
IPasswordBasedDeriverBuilder <FipsPbkd.Parameters> pbeDeriverBuilder = CryptoServicesRegistrar.CreateService(FipsPbkd.PbkdF2).From(converter.Convert(password));
PbeS2Parameters pbeParams = PbeS2Parameters.GetInstance(algorithmDetails.Parameters);
Pbkdf2Params pbkdfParams = Pbkdf2Params.GetInstance(pbeParams.KeyDerivationFunc.Parameters);
AlgorithmIdentifier encScheme = pbeParams.EncryptionScheme;
IPasswordBasedDeriver <FipsPbkd.Parameters> pbeDeriver = pbeDeriverBuilder
.WithPrf((DigestAlgorithm)Utils.digestTable[pbkdfParams.Prf.Algorithm])
.WithSalt(pbkdfParams.GetSalt())
.WithIterationCount(pbkdfParams.IterationCount.IntValue)
.Build();
byte[] keyEnc = pbeDeriver.DeriveKey(TargetKeyType.CIPHER, (pbkdfParams.KeyLength != null ? pbkdfParams.KeyLength.IntValue : (int)Utils.keySizesInBytes[encScheme.Algorithm]));
IParameters <Algorithm> cipherParams = Utils.GetCipherParameters(encScheme);
if (Utils.IsBlockMode(cipherParams.Algorithm))
{
return(new PbeBlockCipherBuilder(algorithmDetails, Utils.CreateBlockDecryptorBuilder(encScheme, keyEnc, cipherParams)));
}
else if (Utils.IsAeadMode(cipherParams.Algorithm))
{
return(new PkixAeadCipherBuilder(algorithmDetails, Utils.CreateAeadDecryptorBuilder(encScheme, keyEnc, cipherParams)));
}
else
{
return(new PkixCipherBuilder(algorithmDetails, Utils.CreateDecryptorBuilder(encScheme, keyEnc, cipherParams)));
}
}
else if (algorithmDetails.Algorithm.Equals(PkcsObjectIdentifiers.PbeWithShaAnd2KeyTripleDesCbc) ||
algorithmDetails.Algorithm.Equals(PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc))
{
int keySize = algorithmDetails.Algorithm.Equals(PkcsObjectIdentifiers.PbeWithShaAnd2KeyTripleDesCbc) ? 16 : 24;
Pkcs12PbeParams pbeParams = Pkcs12PbeParams.GetInstance(algorithmDetails.Parameters);
// we ignore converter as it's specified by the algorithm
IPasswordBasedDeriverBuilder <Pbkd.PbkdParameters> pbeDeriverBuilder = CryptoServicesRegistrar.CreateService(Pbkd.Pkcs12).From(PasswordConverter.PKCS12, password);
IPasswordBasedDeriver <Pbkd.PbkdParameters> pbeDeriver = pbeDeriverBuilder
.WithPrf(FipsShs.Sha1)
.WithSalt(pbeParams.GetIV())
.WithIterationCount(pbeParams.Iterations.IntValue)
.Build();
byte[][] keyIV = pbeDeriver.DeriveKeyAndIV(TargetKeyType.CIPHER, keySize, 8);
return(new PbeBlockCipherBuilder(algorithmDetails, Utils.CreateDecryptorBuilder(algorithmDetails, keyIV[0], keyIV[1])));
}
throw new InvalidOperationException("cannot match algorithm: " + algorithmDetails.Algorithm);
}
/// <summary>
/// Return a verifier factory that produces verifiers conforming to algorithmDetails.
/// </summary>
/// <param name="algorithmDetails">The configuration parameters for verifiers produced by the resulting factory.</param>
/// <returns>A new verifier factory.</returns>
public IVerifierFactory <AlgorithmIdentifier> CreateVerifierFactory(AlgorithmIdentifier algorithmDetails)
{
AsymmetricRsaPublicKey rsaKey = publicKey as AsymmetricRsaPublicKey;
if (rsaKey != null)
{
IVerifierFactoryService verifierService = CryptoServicesRegistrar.CreateService(rsaKey);
if (algorithmDetails.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss))
{
FipsRsa.PssSignatureParameters pssParams = FipsRsa.Pss;
RsassaPssParameters sigParams = RsassaPssParameters.GetInstance(algorithmDetails.Parameters);
pssParams = pssParams.WithDigest((FipsDigestAlgorithm)Utils.digestTable[sigParams.HashAlgorithm.Algorithm]);
AlgorithmIdentifier mgfDigAlg = AlgorithmIdentifier.GetInstance(AlgorithmIdentifier.GetInstance(sigParams.MaskGenAlgorithm).Parameters);
pssParams = pssParams.WithMgfDigest((FipsDigestAlgorithm)Utils.digestTable[mgfDigAlg.Algorithm]);
pssParams = pssParams.WithSaltLength(sigParams.SaltLength.Value.IntValue);
return(CreateVerifierFactory(algorithmDetails, verifierService.CreateVerifierFactory(pssParams), certificate));
}
else if (pkcs1Table.Contains(algorithmDetails.Algorithm))
{
FipsRsa.SignatureParameters rsaParams = FipsRsa.Pkcs1v15.WithDigest((FipsDigestAlgorithm)pkcs1Table[algorithmDetails.Algorithm]);
return(CreateVerifierFactory(algorithmDetails, verifierService.CreateVerifierFactory(rsaParams), certificate));
}
}
AsymmetricDsaPublicKey dsaKey = publicKey as AsymmetricDsaPublicKey;
if (dsaKey != null)
{
IVerifierFactoryService verifierService = CryptoServicesRegistrar.CreateService(dsaKey);
FipsDsa.SignatureParameters sigParams = (FipsDsa.SignatureParameters)dsaTable[algorithmDetails.Algorithm];
return(CreateVerifierFactory(algorithmDetails, verifierService.CreateVerifierFactory(sigParams), certificate));
}
AsymmetricECPublicKey ecdsaKey = publicKey as AsymmetricECPublicKey;
if (ecdsaKey != null)
{
IVerifierFactoryService verifierService = CryptoServicesRegistrar.CreateService(ecdsaKey);
FipsEC.SignatureParameters sigParams = (FipsEC.SignatureParameters)ecdsaTable[algorithmDetails.Algorithm];
return(CreateVerifierFactory(algorithmDetails, verifierService.CreateVerifierFactory(sigParams), certificate));
}
AsymmetricSphincsPublicKey sphincsKey = publicKey as AsymmetricSphincsPublicKey;
if (sphincsKey != null)
{
IVerifierFactoryService verifierService = CryptoServicesRegistrar.CreateService(sphincsKey);
if (algorithmDetails.Algorithm.Equals(BCObjectIdentifiers.sphincs256_with_SHA512))
{
return(CreateVerifierFactory(algorithmDetails, verifierService.CreateVerifierFactory(Sphincs.Sphincs256), certificate));
}
else
{
return(CreateVerifierFactory(algorithmDetails, verifierService.CreateVerifierFactory(Sphincs.Sphincs256.WithDigest(FipsShs.Sha3_512)), certificate));
}
}
throw new ArgumentException("cannot match signature algorithm");
}
internal static ICipherBuilder <DekInfo> Crypt(
bool encrypt,
char[] password,
String dekAlgName,
byte[] iv)
{
byte[] ivValue = iv;
String blockMode = "CBC";
byte[] sKey;
IBlockCipherService cipherService = null;
IBlockCipherBuilder <IParameters <Algorithm> > blockCipherBuilder = null;
ICipherBuilder <IParameters <Algorithm> > cipherBuilder = null;
DekInfo dekInfo;
if (iv != null && iv.Length != 0)
{
dekInfo = new DekInfo(dekAlgName + "," + Hex.ToHexString(iv));
}
else
{
dekInfo = new DekInfo(dekAlgName);
}
// Figure out block mode and padding.
if (dekAlgName.EndsWith("-CFB"))
{
blockMode = "CFB";
}
if (dekAlgName.EndsWith("-ECB") ||
"DES-EDE".Equals(dekAlgName) ||
"DES-EDE3".Equals(dekAlgName))
{
// ECB is actually the default (though seldom used) when OpenSSL
// uses DES-EDE (des2) or DES-EDE3 (des3).
blockMode = "ECB";
}
if (dekAlgName.EndsWith("-OFB"))
{
blockMode = "OFB";
}
// Figure out algorithm and key size.
if (dekAlgName.StartsWith("DES-EDE"))
{
// "DES-EDE" is actually des2 in OpenSSL-speak!
// "DES-EDE3" is des3.
bool des2 = !dekAlgName.StartsWith("DES-EDE3");
FipsTripleDes.Key tdesKey = new FipsTripleDes.Key(getKey(password, 24, iv, des2));
cipherService = CryptoServicesRegistrar.CreateService(tdesKey);
if (blockMode.Equals("CBC"))
{
if (encrypt)
{
blockCipherBuilder = cipherService.CreateBlockEncryptorBuilder(FipsTripleDes.Cbc.WithIV(ivValue));
}
else
{
blockCipherBuilder = cipherService.CreateBlockDecryptorBuilder(FipsTripleDes.Cbc.WithIV(ivValue));
}
}
else if (blockMode.Equals("CFB"))
{
if (encrypt)
{
cipherBuilder = cipherService.CreateEncryptorBuilder(FipsTripleDes.Cfb64.WithIV(ivValue));
}
else
{
cipherBuilder = cipherService.CreateDecryptorBuilder(FipsTripleDes.Cfb64.WithIV(ivValue));
}
}
else if (blockMode.Equals("OFB"))
{
if (encrypt)
{
cipherBuilder = cipherService.CreateEncryptorBuilder(FipsTripleDes.Ofb.WithIV(ivValue));
}
else
{
cipherBuilder = cipherService.CreateDecryptorBuilder(FipsTripleDes.Ofb.WithIV(ivValue));
}
}
else
{
if (encrypt)
{
blockCipherBuilder = cipherService.CreateBlockEncryptorBuilder(FipsTripleDes.Ecb);
}
else
{
blockCipherBuilder = cipherService.CreateBlockDecryptorBuilder(FipsTripleDes.Ecb);
}
}
}
else if (dekAlgName.StartsWith("DES-"))
{
sKey = getKey(password, 8, iv);
throw new InvalidOperationException("no support for DES");
}
else if (dekAlgName.StartsWith("BF-"))
{
sKey = getKey(password, 16, iv);
throw new InvalidOperationException("no support for Blowfish");
}
else if (dekAlgName.StartsWith("RC2-"))
{
int keyBits = 128;
if (dekAlgName.StartsWith("RC2-40-"))
{
keyBits = 40;
}
else if (dekAlgName.StartsWith("RC2-64-"))
{
keyBits = 64;
}
//sKey = new RC2Parameters(getKey(password, keyBits / 8, iv).getKey(), keyBits);
throw new InvalidOperationException("no support for RC2");
}
else if (dekAlgName.StartsWith("AES-"))
{
byte[] salt = iv;
if (salt.Length > 8)
{
salt = new byte[8];
Array.Copy(iv, 0, salt, 0, 8);
}
int keyBits;
if (dekAlgName.StartsWith("AES-128-"))
{
keyBits = 128;
}
else if (dekAlgName.StartsWith("AES-192-"))
{
keyBits = 192;
}
else if (dekAlgName.StartsWith("AES-256-"))
{
keyBits = 256;
}
else
{
throw new InvalidOperationException("unknown AES encryption with private key: " + dekAlgName);
}
FipsAes.Key aesKey = new FipsAes.Key(getKey(password, keyBits / 8, salt));
cipherService = CryptoServicesRegistrar.CreateService(aesKey);
if (blockMode.Equals("CBC"))
{
if (encrypt)
{
blockCipherBuilder = cipherService.CreateBlockEncryptorBuilder(FipsAes.Cbc.WithIV(ivValue));
}
else
{
blockCipherBuilder = cipherService.CreateBlockDecryptorBuilder(FipsAes.Cbc.WithIV(ivValue));
}
}
else if (blockMode.Equals("CFB"))
{
if (encrypt)
{
cipherBuilder = cipherService.CreateEncryptorBuilder(FipsAes.Cfb128.WithIV(ivValue));
}
else
{
cipherBuilder = cipherService.CreateDecryptorBuilder(FipsAes.Cfb128.WithIV(ivValue));
}
}
else if (blockMode.Equals("OFB"))
{
if (encrypt)
{
cipherBuilder = cipherService.CreateEncryptorBuilder(FipsAes.Ofb.WithIV(ivValue));
}
else
{
cipherBuilder = cipherService.CreateDecryptorBuilder(FipsAes.Ofb.WithIV(ivValue));
}
}
else
{
if (encrypt)
{
blockCipherBuilder = cipherService.CreateBlockEncryptorBuilder(FipsAes.Ecb);
}
else
{
blockCipherBuilder = cipherService.CreateBlockDecryptorBuilder(FipsAes.Ecb);
}
}
}
else
{
throw new InvalidOperationException("unknown encryption with private key: " + dekAlgName);
}
if (blockMode.Equals("CBC") || blockMode.Equals("ECB"))
{
if (encrypt)
{
return(new PemBlockCipherImpl(encrypt, dekInfo, blockCipherBuilder));
}
else
{
return(new PemBlockCipherImpl(encrypt, dekInfo, blockCipherBuilder));
}
}
else
{
if (encrypt)
{
return(new PemCipherImpl(dekInfo, cipherBuilder));
}
else
{
return(new PemCipherImpl(dekInfo, cipherBuilder));
}
}
}
private static IVerifierFactory <IParameters <Algorithm> > getVerifier(PgpPublicKey key, HashAlgorithmTag hashAlg)
{
return(CryptoServicesRegistrar.CreateService((AsymmetricRsaPublicKey)KeyFactory.ConvertPublic(key)).CreateVerifierFactory(FipsRsa.Pkcs1v15.WithDigest((FipsDigestAlgorithm)PgpUtils.digests[hashAlg])));
}
/// <summary>
/// Construct a KDF using the given PRF to process the agreed value with. The outputSize parameter determines how many bytes
/// will be generated.
/// </summary>
/// <param name="kdfBuilder">KDF algorithm builder to use for parameter creation.</param>
/// <param name="prf">The PRF to use in the KDF.</param>
/// <param name="iv">The iv parameter for KDF initialization.</param>
/// <param name="outputSize">The size of the output to be generated from the KDF.</param>
public FipsKdfKmg(FipsKdf.AgreementKdfBuilderService kdfBuilder, FipsPrfAlgorithm prf, byte[] iv, int outputSize)
{
this.kdfBuilder = CryptoServicesRegistrar.CreateService(kdfBuilder).WithPrf(prf);
this.iv = Arrays.Clone(iv);
this.outputSize = outputSize;
}
static Utils()
{
algorithms.Add("SHA1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
algorithms.Add("SHA1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
algorithms.Add("SHA224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
algorithms.Add("SHA224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
algorithms.Add("SHA256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
algorithms.Add("SHA256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
algorithms.Add("SHA384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
algorithms.Add("SHA384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
algorithms.Add("SHA512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
algorithms.Add("SHA512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
algorithms.Add("SHA1WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
algorithms.Add("SHA224WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
algorithms.Add("SHA256WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
algorithms.Add("SHA384WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
algorithms.Add("SHA512WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
algorithms.Add("SHA1WITHDSA", X9ObjectIdentifiers.IdDsaWithSha1);
algorithms.Add("DSAWITHSHA1", X9ObjectIdentifiers.IdDsaWithSha1);
algorithms.Add("SHA224WITHDSA", NistObjectIdentifiers.DsaWithSha224);
algorithms.Add("SHA256WITHDSA", NistObjectIdentifiers.DsaWithSha256);
algorithms.Add("SHA384WITHDSA", NistObjectIdentifiers.DsaWithSha384);
algorithms.Add("SHA512WITHDSA", NistObjectIdentifiers.DsaWithSha512);
algorithms.Add("SHA1WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha1);
algorithms.Add("ECDSAWITHSHA1", X9ObjectIdentifiers.ECDsaWithSha1);
algorithms.Add("SHA224WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha224);
algorithms.Add("SHA256WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha256);
algorithms.Add("SHA384WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha384);
algorithms.Add("SHA512WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha512);
//
// According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
// The parameters field SHALL be NULL for RSA based signature algorithms.
//
noParams.Add(X9ObjectIdentifiers.ECDsaWithSha1);
noParams.Add(X9ObjectIdentifiers.ECDsaWithSha224);
noParams.Add(X9ObjectIdentifiers.ECDsaWithSha256);
noParams.Add(X9ObjectIdentifiers.ECDsaWithSha384);
noParams.Add(X9ObjectIdentifiers.ECDsaWithSha512);
noParams.Add(X9ObjectIdentifiers.IdDsaWithSha1);
noParams.Add(NistObjectIdentifiers.DsaWithSha224);
noParams.Add(NistObjectIdentifiers.DsaWithSha256);
noParams.Add(NistObjectIdentifiers.DsaWithSha384);
noParams.Add(NistObjectIdentifiers.DsaWithSha512);
//
// explicit params
//
AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance);
exParams.Add("SHA1WITHRSAANDMGF1", CreatePssParams(sha1AlgId, 20));
pssTable.Add(FipsShs.Sha1, sha1AlgId);
AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance);
exParams.Add("SHA224WITHRSAANDMGF1", CreatePssParams(sha224AlgId, 28));
pssTable.Add(FipsShs.Sha224, sha224AlgId);
AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance);
exParams.Add("SHA256WITHRSAANDMGF1", CreatePssParams(sha256AlgId, 32));
pssTable.Add(FipsShs.Sha256, sha256AlgId);
AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance);
exParams.Add("SHA384WITHRSAANDMGF1", CreatePssParams(sha384AlgId, 48));
pssTable.Add(FipsShs.Sha384, sha384AlgId);
AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance);
exParams.Add("SHA512WITHRSAANDMGF1", CreatePssParams(sha512AlgId, 64));
pssTable.Add(FipsShs.Sha512, sha512AlgId);
rsaPkcs1Table.Add(FipsShs.Sha1, new AlgorithmIdentifier(PkcsObjectIdentifiers.Sha1WithRsaEncryption, DerNull.Instance));
rsaPkcs1Table.Add(FipsShs.Sha224, new AlgorithmIdentifier(PkcsObjectIdentifiers.Sha224WithRsaEncryption, DerNull.Instance));
rsaPkcs1Table.Add(FipsShs.Sha256, new AlgorithmIdentifier(PkcsObjectIdentifiers.Sha256WithRsaEncryption, DerNull.Instance));
rsaPkcs1Table.Add(FipsShs.Sha384, new AlgorithmIdentifier(PkcsObjectIdentifiers.Sha384WithRsaEncryption, DerNull.Instance));
rsaPkcs1Table.Add(FipsShs.Sha512, new AlgorithmIdentifier(PkcsObjectIdentifiers.Sha512WithRsaEncryption, DerNull.Instance));
dsaTable.Add(FipsShs.Sha1, new AlgorithmIdentifier(X9ObjectIdentifiers.IdDsaWithSha1));
dsaTable.Add(FipsShs.Sha224, new AlgorithmIdentifier(NistObjectIdentifiers.DsaWithSha224));
dsaTable.Add(FipsShs.Sha256, new AlgorithmIdentifier(NistObjectIdentifiers.DsaWithSha256));
dsaTable.Add(FipsShs.Sha384, new AlgorithmIdentifier(NistObjectIdentifiers.DsaWithSha384));
dsaTable.Add(FipsShs.Sha512, new AlgorithmIdentifier(NistObjectIdentifiers.DsaWithSha512));
ecdsaTable.Add(FipsShs.Sha1, new AlgorithmIdentifier(X9ObjectIdentifiers.ECDsaWithSha1));
ecdsaTable.Add(FipsShs.Sha224, new AlgorithmIdentifier(X9ObjectIdentifiers.ECDsaWithSha224));
ecdsaTable.Add(FipsShs.Sha256, new AlgorithmIdentifier(X9ObjectIdentifiers.ECDsaWithSha256));
ecdsaTable.Add(FipsShs.Sha384, new AlgorithmIdentifier(X9ObjectIdentifiers.ECDsaWithSha384));
ecdsaTable.Add(FipsShs.Sha512, new AlgorithmIdentifier(X9ObjectIdentifiers.ECDsaWithSha512));
digestTable.Add(FipsShs.Sha512_256, NistObjectIdentifiers.IdSha512_256);
digestTable.Add(FipsShs.Sha3_256, NistObjectIdentifiers.IdSha3_256);
digestTable.Add(FipsShs.Sha1HMac, PkcsObjectIdentifiers.IdHmacWithSha1);
digestTable.Add(FipsShs.Sha224HMac, PkcsObjectIdentifiers.IdHmacWithSha224);
digestTable.Add(FipsShs.Sha256HMac, PkcsObjectIdentifiers.IdHmacWithSha256);
digestTable.Add(FipsShs.Sha384HMac, PkcsObjectIdentifiers.IdHmacWithSha384);
digestTable.Add(FipsShs.Sha512HMac, PkcsObjectIdentifiers.IdHmacWithSha512);
digestTable.Add(OiwObjectIdentifiers.IdSha1, FipsShs.Sha1);
digestTable.Add(NistObjectIdentifiers.IdSha224, FipsShs.Sha224);
digestTable.Add(NistObjectIdentifiers.IdSha256, FipsShs.Sha256);
digestTable.Add(NistObjectIdentifiers.IdSha384, FipsShs.Sha384);
digestTable.Add(NistObjectIdentifiers.IdSha512, FipsShs.Sha512);
digestTable.Add(NistObjectIdentifiers.IdSha512_224, FipsShs.Sha512_224);
digestTable.Add(NistObjectIdentifiers.IdSha512_256, FipsShs.Sha512_256);
digestTable.Add(PkcsObjectIdentifiers.IdHmacWithSha1, FipsShs.Sha1HMac);
digestTable.Add(PkcsObjectIdentifiers.IdHmacWithSha224, FipsShs.Sha224HMac);
digestTable.Add(PkcsObjectIdentifiers.IdHmacWithSha256, FipsShs.Sha256HMac);
digestTable.Add(PkcsObjectIdentifiers.IdHmacWithSha384, FipsShs.Sha384HMac);
digestTable.Add(PkcsObjectIdentifiers.IdHmacWithSha512, FipsShs.Sha512HMac);
digestSize.Add(FipsShs.Sha1, 20);
digestSize.Add(FipsShs.Sha224, 28);
digestSize.Add(FipsShs.Sha256, 32);
digestSize.Add(FipsShs.Sha384, 48);
digestSize.Add(FipsShs.Sha512, 64);
pkcs12MacAlgIds.Add(FipsShs.Sha1, new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance));
pkcs12MacAlgIds.Add(FipsShs.Sha224, new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance));
pkcs12MacAlgIds.Add(FipsShs.Sha256, new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance));
pkcs12MacAlgIds.Add(FipsShs.Sha384, new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance));
pkcs12MacAlgIds.Add(FipsShs.Sha512, new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance));
pkcs12MacAlgIds.Add(FipsShs.Sha512_224, new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512_224, DerNull.Instance));
pkcs12MacAlgIds.Add(FipsShs.Sha512_256, new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512_256, DerNull.Instance));
pkcs12MacIds.Add(FipsShs.Sha1, FipsShs.Sha1HMac);
pkcs12MacIds.Add(FipsShs.Sha224, FipsShs.Sha224HMac);
pkcs12MacIds.Add(FipsShs.Sha256, FipsShs.Sha256HMac);
pkcs12MacIds.Add(FipsShs.Sha384, FipsShs.Sha384HMac);
pkcs12MacIds.Add(FipsShs.Sha512, FipsShs.Sha512HMac);
pkcs12MacIds.Add(FipsShs.Sha512_224, FipsShs.Sha512_224HMac);
pkcs12MacIds.Add(FipsShs.Sha512_256, FipsShs.Sha512_256HMac);
keySizesInBytes.Add(NistObjectIdentifiers.IdAes128Ecb, 16);
keySizesInBytes.Add(NistObjectIdentifiers.IdAes192Ecb, 24);
keySizesInBytes.Add(NistObjectIdentifiers.IdAes256Ecb, 32);
keySizesInBytes.Add(NistObjectIdentifiers.IdAes128Cbc, 16);
keySizesInBytes.Add(NistObjectIdentifiers.IdAes192Cbc, 24);
keySizesInBytes.Add(NistObjectIdentifiers.IdAes256Cbc, 32);
keySizesInBytes.Add(NistObjectIdentifiers.IdAes128Cfb, 16);
keySizesInBytes.Add(NistObjectIdentifiers.IdAes192Cfb, 24);
keySizesInBytes.Add(NistObjectIdentifiers.IdAes256Cfb, 32);
keySizesInBytes.Add(NistObjectIdentifiers.IdAes128Ofb, 16);
keySizesInBytes.Add(NistObjectIdentifiers.IdAes192Ofb, 24);
keySizesInBytes.Add(NistObjectIdentifiers.IdAes256Ofb, 32);
keySizesInBytes.Add(NistObjectIdentifiers.IdAes128Ccm, 16);
keySizesInBytes.Add(NistObjectIdentifiers.IdAes192Ccm, 24);
keySizesInBytes.Add(NistObjectIdentifiers.IdAes256Ccm, 32);
keySizesInBytes.Add(NistObjectIdentifiers.IdAes128Gcm, 16);
keySizesInBytes.Add(NistObjectIdentifiers.IdAes192Gcm, 24);
keySizesInBytes.Add(NistObjectIdentifiers.IdAes256Gcm, 32);
keySizesInBytes.Add(PkcsObjectIdentifiers.DesEde3Cbc, 24);
keySizesInBytes.Add(NttObjectIdentifiers.IdCamellia128Cbc, 16);
keySizesInBytes.Add(NttObjectIdentifiers.IdCamellia192Cbc, 24);
keySizesInBytes.Add(NttObjectIdentifiers.IdCamellia256Cbc, 32);
keySizesInBytes.Add(KisaObjectIdentifiers.IdSeedCbc, 16);
ivSizesInBytes.Add(NistObjectIdentifiers.IdAes128Ecb, 0);
ivSizesInBytes.Add(NistObjectIdentifiers.IdAes192Ecb, 0);
ivSizesInBytes.Add(NistObjectIdentifiers.IdAes256Ecb, 0);
ivSizesInBytes.Add(NistObjectIdentifiers.IdAes128Cbc, 16);
ivSizesInBytes.Add(NistObjectIdentifiers.IdAes192Cbc, 16);
ivSizesInBytes.Add(NistObjectIdentifiers.IdAes256Cbc, 16);
ivSizesInBytes.Add(NistObjectIdentifiers.IdAes128Cfb, 16);
ivSizesInBytes.Add(NistObjectIdentifiers.IdAes192Cfb, 16);
ivSizesInBytes.Add(NistObjectIdentifiers.IdAes256Cfb, 16);
ivSizesInBytes.Add(NistObjectIdentifiers.IdAes128Ofb, 16);
ivSizesInBytes.Add(NistObjectIdentifiers.IdAes192Ofb, 16);
ivSizesInBytes.Add(NistObjectIdentifiers.IdAes256Ofb, 16);
ivSizesInBytes.Add(NistObjectIdentifiers.IdAes128Ccm, 12);
ivSizesInBytes.Add(NistObjectIdentifiers.IdAes192Ccm, 12);
ivSizesInBytes.Add(NistObjectIdentifiers.IdAes256Ccm, 12);
ivSizesInBytes.Add(NistObjectIdentifiers.IdAes128Gcm, 12);
ivSizesInBytes.Add(NistObjectIdentifiers.IdAes192Gcm, 12);
ivSizesInBytes.Add(NistObjectIdentifiers.IdAes256Gcm, 12);
ivSizesInBytes.Add(PkcsObjectIdentifiers.DesEde3Cbc, 8);
ivSizesInBytes.Add(KisaObjectIdentifiers.IdSeedCbc, 16);
aeadModes.Add(NistObjectIdentifiers.IdAes128Ccm, true);
aeadModes.Add(NistObjectIdentifiers.IdAes192Ccm, true);
aeadModes.Add(NistObjectIdentifiers.IdAes256Ccm, true);
aeadModes.Add(NistObjectIdentifiers.IdAes128Gcm, true);
aeadModes.Add(NistObjectIdentifiers.IdAes192Gcm, true);
aeadModes.Add(NistObjectIdentifiers.IdAes256Gcm, true);
blockDecryptor.Add(PkcsObjectIdentifiers.DesEde3Cbc, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new FipsTripleDes.Key(key)).CreateBlockDecryptorBuilder((FipsTripleDes.ParametersWithIV)cipherParams)); });
blockDecryptor.Add(NistObjectIdentifiers.IdAes128Cbc, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new FipsAes.Key(key)).CreateBlockDecryptorBuilder((FipsAes.ParametersWithIV)cipherParams)); });
blockDecryptor.Add(NistObjectIdentifiers.IdAes128Ecb, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new FipsAes.Key(key)).CreateBlockDecryptorBuilder((FipsAes.Parameters)cipherParams)); });
blockDecryptor.Add(NistObjectIdentifiers.IdAes192Cbc, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new FipsAes.Key(key)).CreateBlockDecryptorBuilder((FipsAes.ParametersWithIV)cipherParams)); });
blockDecryptor.Add(NistObjectIdentifiers.IdAes192Ecb, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new FipsAes.Key(key)).CreateBlockDecryptorBuilder((FipsAes.Parameters)cipherParams)); });
blockDecryptor.Add(NistObjectIdentifiers.IdAes256Cbc, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new FipsAes.Key(key)).CreateBlockDecryptorBuilder((FipsAes.ParametersWithIV)cipherParams)); });
blockDecryptor.Add(NistObjectIdentifiers.IdAes256Ecb, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new FipsAes.Key(key)).CreateBlockDecryptorBuilder((FipsAes.Parameters)cipherParams)); });
blockDecryptor.Add(NttObjectIdentifiers.IdCamellia128Cbc, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new Camellia.Key(key)).CreateBlockDecryptorBuilder((Camellia.ParametersWithIV)cipherParams)); });
blockDecryptor.Add(NttObjectIdentifiers.IdCamellia192Cbc, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new Camellia.Key(key)).CreateBlockDecryptorBuilder((Camellia.ParametersWithIV)cipherParams)); });
blockDecryptor.Add(NttObjectIdentifiers.IdCamellia256Cbc, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new Camellia.Key(key)).CreateBlockDecryptorBuilder((Camellia.ParametersWithIV)cipherParams)); });
blockDecryptor.Add(KisaObjectIdentifiers.IdSeedCbc, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new Seed.Key(key)).CreateBlockDecryptorBuilder((Seed.ParametersWithIV)cipherParams)); });
blockEncryptor.Add(PkcsObjectIdentifiers.DesEde3Cbc, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new FipsTripleDes.Key(key)).CreateBlockEncryptorBuilder((FipsTripleDes.ParametersWithIV)cipherParams)); });
blockEncryptor.Add(NistObjectIdentifiers.IdAes128Cbc, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new FipsAes.Key(key)).CreateBlockEncryptorBuilder((FipsAes.ParametersWithIV)cipherParams)); });
blockEncryptor.Add(NistObjectIdentifiers.IdAes128Ecb, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new FipsAes.Key(key)).CreateBlockEncryptorBuilder((FipsAes.Parameters)cipherParams)); });
blockEncryptor.Add(NistObjectIdentifiers.IdAes192Cbc, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new FipsAes.Key(key)).CreateBlockEncryptorBuilder((FipsAes.ParametersWithIV)cipherParams)); });
blockEncryptor.Add(NistObjectIdentifiers.IdAes192Ecb, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new FipsAes.Key(key)).CreateBlockEncryptorBuilder((FipsAes.Parameters)cipherParams)); });
blockEncryptor.Add(NistObjectIdentifiers.IdAes256Cbc, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new FipsAes.Key(key)).CreateBlockEncryptorBuilder((FipsAes.ParametersWithIV)cipherParams)); });
blockEncryptor.Add(NistObjectIdentifiers.IdAes256Ecb, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new FipsAes.Key(key)).CreateBlockEncryptorBuilder((FipsAes.Parameters)cipherParams)); });
blockEncryptor.Add(NttObjectIdentifiers.IdCamellia128Cbc, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new Camellia.Key(key)).CreateBlockEncryptorBuilder((Camellia.ParametersWithIV)cipherParams)); });
blockEncryptor.Add(NttObjectIdentifiers.IdCamellia192Cbc, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new Camellia.Key(key)).CreateBlockEncryptorBuilder((Camellia.ParametersWithIV)cipherParams)); });
blockEncryptor.Add(NttObjectIdentifiers.IdCamellia256Cbc, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new Camellia.Key(key)).CreateBlockEncryptorBuilder((Camellia.ParametersWithIV)cipherParams)); });
blockEncryptor.Add(KisaObjectIdentifiers.IdSeedCbc, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new Seed.Key(key)).CreateBlockEncryptorBuilder((Seed.ParametersWithIV)cipherParams)); });
blockEncryptor.Add(NistObjectIdentifiers.IdAes128Ccm, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new FipsAes.Key(key)).CreateBlockEncryptorBuilder((FipsAes.Parameters)cipherParams)); });
blockEncryptor.Add(NistObjectIdentifiers.IdAes128Cfb, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new FipsAes.Key(key)).CreateBlockEncryptorBuilder((FipsAes.Parameters)cipherParams)); });
blockEncryptor.Add(NistObjectIdentifiers.IdAes128Gcm, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new FipsAes.Key(key)).CreateBlockEncryptorBuilder((FipsAes.Parameters)cipherParams)); });
blockEncryptor.Add(NistObjectIdentifiers.IdAes128Ofb, (key, cipherParams) => { return(CryptoServicesRegistrar.CreateService(new FipsAes.Key(key)).CreateBlockEncryptorBuilder((FipsAes.Parameters)cipherParams)); });
}