GetDigest() публичный статический Метод

public static GetDigest ( DerObjectIdentifier id ) : IDigest
id DerObjectIdentifier
Результат IDigest
Пример #1
0
        public static ISigner GetSigner(
            string algorithm)
        {
            if (algorithm == null)
            {
                throw new ArgumentNullException("algorithm");
            }

            algorithm = Platform.ToUpperInvariant(algorithm);

            string mechanism = (string)algorithms[algorithm];

            if (mechanism == null)
            {
                mechanism = algorithm;
            }

            if (Platform.StartsWith(mechanism, "Ed"))
            {
                if (mechanism.Equals("Ed25519"))
                {
                    return(new Ed25519Signer());
                }
                if (mechanism.Equals("Ed25519ctx"))
                {
                    return(new Ed25519ctxSigner(Arrays.EmptyBytes));
                }
                if (mechanism.Equals("Ed25519ph"))
                {
                    return(new Ed25519phSigner(Arrays.EmptyBytes));
                }
                if (mechanism.Equals("Ed448"))
                {
                    return(new Ed448Signer(Arrays.EmptyBytes));
                }
                if (mechanism.Equals("Ed448ph"))
                {
                    return(new Ed448phSigner(Arrays.EmptyBytes));
                }
            }

            if (mechanism.Equals("RSA"))
            {
                return(new RsaDigestSigner(new NullDigest(), (AlgorithmIdentifier)null));
            }
            if (mechanism.Equals("RAWRSASSA-PSS"))
            {
                // TODO Add support for other parameter settings
                return(PssSigner.CreateRawSigner(new RsaBlindedEngine(), new Sha1Digest()));
            }
            if (mechanism.Equals("PSSwithRSA"))
            {
                // TODO The Sha1Digest here is a default. In JCE version, the actual digest
                // to be used can be overridden by subsequent parameter settings.
                return(new PssSigner(new RsaBlindedEngine(), new Sha1Digest()));
            }
            if (Platform.EndsWith(mechanism, "withRSA"))
            {
                string  digestName = mechanism.Substring(0, mechanism.LastIndexOf("with"));
                IDigest digest     = DigestUtilities.GetDigest(digestName);
                return(new RsaDigestSigner(digest));
            }
            if (Platform.EndsWith(mechanism, "withRSAandMGF1"))
            {
                string  digestName = mechanism.Substring(0, mechanism.LastIndexOf("with"));
                IDigest digest     = DigestUtilities.GetDigest(digestName);
                return(new PssSigner(new RsaBlindedEngine(), digest));
            }

            if (Platform.EndsWith(mechanism, "withDSA"))
            {
                string  digestName = mechanism.Substring(0, mechanism.LastIndexOf("with"));
                IDigest digest     = DigestUtilities.GetDigest(digestName);
                return(new DsaDigestSigner(new DsaSigner(), digest));
            }

            if (Platform.EndsWith(mechanism, "withECDSA"))
            {
                string  digestName = mechanism.Substring(0, mechanism.LastIndexOf("with"));
                IDigest digest     = DigestUtilities.GetDigest(digestName);
                return(new DsaDigestSigner(new ECDsaSigner(), digest));
            }

            if (Platform.EndsWith(mechanism, "withCVC-ECDSA") ||
                Platform.EndsWith(mechanism, "withPLAIN-ECDSA"))
            {
                string  digestName = mechanism.Substring(0, mechanism.LastIndexOf("with"));
                IDigest digest     = DigestUtilities.GetDigest(digestName);
                return(new DsaDigestSigner(new ECDsaSigner(), digest, PlainDsaEncoding.Instance));
            }

            if (Platform.EndsWith(mechanism, "withECNR"))
            {
                string  digestName = mechanism.Substring(0, mechanism.LastIndexOf("with"));
                IDigest digest     = DigestUtilities.GetDigest(digestName);
                return(new DsaDigestSigner(new ECNRSigner(), digest));
            }

            if (Platform.EndsWith(mechanism, "withSM2"))
            {
                string  digestName = mechanism.Substring(0, mechanism.LastIndexOf("with"));
                IDigest digest     = DigestUtilities.GetDigest(digestName);
                return(new SM2Signer(digest));
            }

            if (mechanism.Equals("GOST3410"))
            {
                return(new Gost3410DigestSigner(new Gost3410Signer(), new Gost3411Digest()));
            }
            if (mechanism.Equals("ECGOST3410"))
            {
                return(new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411Digest()));
            }

            if (mechanism.Equals("GOST3411_2012_256WITHECGOST3410"))
            {
                return(new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411_2012_256Digest()));
            }
            if (mechanism.Equals("GOST3411_2012_512WITHECGOST3410"))
            {
                return(new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411_2012_512Digest()));
            }

            if (mechanism.Equals("SHA1WITHRSA/ISO9796-2"))
            {
                return(new Iso9796d2Signer(new RsaBlindedEngine(), new Sha1Digest(), true));
            }
            if (mechanism.Equals("MD5WITHRSA/ISO9796-2"))
            {
                return(new Iso9796d2Signer(new RsaBlindedEngine(), new MD5Digest(), true));
            }
            if (mechanism.Equals("RIPEMD160WITHRSA/ISO9796-2"))
            {
                return(new Iso9796d2Signer(new RsaBlindedEngine(), new RipeMD160Digest(), true));
            }

            if (Platform.EndsWith(mechanism, "/X9.31"))
            {
                string x931    = mechanism.Substring(0, mechanism.Length - "/X9.31".Length);
                int    withPos = Platform.IndexOf(x931, "WITH");
                if (withPos > 0)
                {
                    int endPos = withPos + "WITH".Length;

                    string  digestName = x931.Substring(0, withPos);
                    IDigest digest     = DigestUtilities.GetDigest(digestName);

                    string cipherName = x931.Substring(endPos, x931.Length - endPos);
                    if (cipherName.Equals("RSA"))
                    {
                        IAsymmetricBlockCipher cipher = new RsaBlindedEngine();
                        return(new X931Signer(cipher, digest));
                    }
                }
            }

            throw new SecurityUtilityException("Signer " + algorithm + " not recognised.");
        }
Пример #2
0
        public static ISigner GetSigner(
            string algorithm)
        {
            if (algorithm == null)
            {
                throw new ArgumentNullException("algorithm");
            }

            algorithm = Platform.ToUpperInvariant(algorithm);

            string mechanism = (string)algorithms[algorithm];

            if (mechanism == null)
            {
                mechanism = algorithm;
            }

            if (mechanism.Equals("RSA"))
            {
                return(new RsaDigestSigner(new NullDigest(), (AlgorithmIdentifier)null));
            }
            if (mechanism.Equals("MD2withRSA"))
            {
                return(new RsaDigestSigner(new MD2Digest()));
            }
            if (mechanism.Equals("MD4withRSA"))
            {
                return(new RsaDigestSigner(new MD4Digest()));
            }
            if (mechanism.Equals("MD5withRSA"))
            {
                return(new RsaDigestSigner(new MD5Digest()));
            }
            if (mechanism.Equals("SHA-1withRSA"))
            {
                return(new RsaDigestSigner(new Sha1Digest()));
            }
            if (mechanism.Equals("SHA-224withRSA"))
            {
                return(new RsaDigestSigner(new Sha224Digest()));
            }
            if (mechanism.Equals("SHA-256withRSA"))
            {
                return(new RsaDigestSigner(new Sha256Digest()));
            }
            if (mechanism.Equals("SHA-384withRSA"))
            {
                return(new RsaDigestSigner(new Sha384Digest()));
            }
            if (mechanism.Equals("SHA-512withRSA"))
            {
                return(new RsaDigestSigner(new Sha512Digest()));
            }
            if (mechanism.Equals("RIPEMD128withRSA"))
            {
                return(new RsaDigestSigner(new RipeMD128Digest()));
            }
            if (mechanism.Equals("RIPEMD160withRSA"))
            {
                return(new RsaDigestSigner(new RipeMD160Digest()));
            }
            if (mechanism.Equals("RIPEMD256withRSA"))
            {
                return(new RsaDigestSigner(new RipeMD256Digest()));
            }

            if (mechanism.Equals("RAWRSASSA-PSS"))
            {
                // TODO Add support for other parameter settings
                return(PssSigner.CreateRawSigner(new RsaBlindedEngine(), new Sha1Digest()));
            }
            if (mechanism.Equals("PSSwithRSA"))
            {
                // TODO The Sha1Digest here is a default. In JCE version, the actual digest
                // to be used can be overridden by subsequent parameter settings.
                return(new PssSigner(new RsaBlindedEngine(), new Sha1Digest()));
            }
            if (mechanism.Equals("SHA-1withRSAandMGF1"))
            {
                return(new PssSigner(new RsaBlindedEngine(), new Sha1Digest()));
            }
            if (mechanism.Equals("SHA-224withRSAandMGF1"))
            {
                return(new PssSigner(new RsaBlindedEngine(), new Sha224Digest()));
            }
            if (mechanism.Equals("SHA-256withRSAandMGF1"))
            {
                return(new PssSigner(new RsaBlindedEngine(), new Sha256Digest()));
            }
            if (mechanism.Equals("SHA-384withRSAandMGF1"))
            {
                return(new PssSigner(new RsaBlindedEngine(), new Sha384Digest()));
            }
            if (mechanism.Equals("SHA-512withRSAandMGF1"))
            {
                return(new PssSigner(new RsaBlindedEngine(), new Sha512Digest()));
            }

            if (mechanism.Equals("NONEwithDSA"))
            {
                return(new DsaDigestSigner(new DsaSigner(), new NullDigest()));
            }
            if (mechanism.Equals("SHA-1withDSA"))
            {
                return(new DsaDigestSigner(new DsaSigner(), new Sha1Digest()));
            }
            if (mechanism.Equals("SHA-224withDSA"))
            {
                return(new DsaDigestSigner(new DsaSigner(), new Sha224Digest()));
            }
            if (mechanism.Equals("SHA-256withDSA"))
            {
                return(new DsaDigestSigner(new DsaSigner(), new Sha256Digest()));
            }
            if (mechanism.Equals("SHA-384withDSA"))
            {
                return(new DsaDigestSigner(new DsaSigner(), new Sha384Digest()));
            }
            if (mechanism.Equals("SHA-512withDSA"))
            {
                return(new DsaDigestSigner(new DsaSigner(), new Sha512Digest()));
            }

            if (mechanism.Equals("NONEwithECDSA"))
            {
                return(new DsaDigestSigner(new ECDsaSigner(), new NullDigest()));
            }
            if (mechanism.Equals("SHA-1withECDSA"))
            {
                return(new DsaDigestSigner(new ECDsaSigner(), new Sha1Digest()));
            }
            if (mechanism.Equals("SHA-224withECDSA"))
            {
                return(new DsaDigestSigner(new ECDsaSigner(), new Sha224Digest()));
            }
            if (mechanism.Equals("SHA-256withECDSA"))
            {
                return(new DsaDigestSigner(new ECDsaSigner(), new Sha256Digest()));
            }
            if (mechanism.Equals("SHA-384withECDSA"))
            {
                return(new DsaDigestSigner(new ECDsaSigner(), new Sha384Digest()));
            }
            if (mechanism.Equals("SHA-512withECDSA"))
            {
                return(new DsaDigestSigner(new ECDsaSigner(), new Sha512Digest()));
            }

            if (mechanism.Equals("RIPEMD160withECDSA"))
            {
                return(new DsaDigestSigner(new ECDsaSigner(), new RipeMD160Digest()));
            }

            if (mechanism.Equals("SHA1WITHECNR"))
            {
                return(new DsaDigestSigner(new ECNRSigner(), new Sha1Digest()));
            }
            if (mechanism.Equals("SHA224WITHECNR"))
            {
                return(new DsaDigestSigner(new ECNRSigner(), new Sha224Digest()));
            }
            if (mechanism.Equals("SHA256WITHECNR"))
            {
                return(new DsaDigestSigner(new ECNRSigner(), new Sha256Digest()));
            }
            if (mechanism.Equals("SHA384WITHECNR"))
            {
                return(new DsaDigestSigner(new ECNRSigner(), new Sha384Digest()));
            }
            if (mechanism.Equals("SHA512WITHECNR"))
            {
                return(new DsaDigestSigner(new ECNRSigner(), new Sha512Digest()));
            }

            if (mechanism.Equals("GOST3410"))
            {
                return(new Gost3410DigestSigner(new Gost3410Signer(), new Gost3411Digest()));
            }
            if (mechanism.Equals("ECGOST3410"))
            {
                return(new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411Digest()));
            }

            if (mechanism.Equals("SHA1WITHRSA/ISO9796-2"))
            {
                return(new Iso9796d2Signer(new RsaBlindedEngine(), new Sha1Digest(), true));
            }
            if (mechanism.Equals("MD5WITHRSA/ISO9796-2"))
            {
                return(new Iso9796d2Signer(new RsaBlindedEngine(), new MD5Digest(), true));
            }
            if (mechanism.Equals("RIPEMD160WITHRSA/ISO9796-2"))
            {
                return(new Iso9796d2Signer(new RsaBlindedEngine(), new RipeMD160Digest(), true));
            }

            if (Platform.EndsWith(mechanism, "/X9.31"))
            {
                string x931    = mechanism.Substring(0, mechanism.Length - "/X9.31".Length);
                int    withPos = Platform.IndexOf(x931, "WITH");
                if (withPos > 0)
                {
                    int endPos = withPos + "WITH".Length;

                    string  digestName = x931.Substring(0, withPos);
                    IDigest digest     = DigestUtilities.GetDigest(digestName);

                    string cipherName = x931.Substring(endPos, x931.Length - endPos);
                    if (cipherName.Equals("RSA"))
                    {
                        IAsymmetricBlockCipher cipher = new RsaBlindedEngine();
                        return(new X931Signer(cipher, digest));
                    }
                }
            }

            var factory = ExtensionManager.FindDigestSignerFactory(algorithm);

            if (factory != null)
            {
                return(factory.CreateSigner(algorithm));
            }

            throw new SecurityUtilityException("Signer " + algorithm + " not recognised.");
        }
Пример #3
0
        public static IMac GetMac(
            string algorithm)
        {
            string upper = Platform.ToUpperInvariant(algorithm);

            string mechanism = (string)algorithms[upper];

            if (mechanism == null)
            {
                mechanism = upper;
            }

            if (Platform.StartsWith(mechanism, "PBEWITH"))
            {
                mechanism = mechanism.Substring("PBEWITH".Length);
            }

            if (Platform.StartsWith(mechanism, "HMAC"))
            {
                string digestName;
                if (Platform.StartsWith(mechanism, "HMAC-") || Platform.StartsWith(mechanism, "HMAC/"))
                {
                    digestName = mechanism.Substring(5);
                }
                else
                {
                    digestName = mechanism.Substring(4);
                }

                return(new HMac(DigestUtilities.GetDigest(digestName)));
            }

            if (mechanism == "AESCMAC")
            {
                return(new CMac(new AesFastEngine()));
            }
            if (mechanism == "DESMAC")
            {
                return(new CbcBlockCipherMac(new DesEngine()));
            }
            if (mechanism == "DESMAC/CFB8")
            {
                return(new CfbBlockCipherMac(new DesEngine()));
            }
            if (mechanism == "DESMAC64")
            {
                return(new CbcBlockCipherMac(new DesEngine(), 64));
            }
            if (mechanism == "DESEDECMAC")
            {
                return(new CMac(new DesEdeEngine()));
            }
            if (mechanism == "DESEDEMAC")
            {
                return(new CbcBlockCipherMac(new DesEdeEngine()));
            }
            if (mechanism == "DESEDEMAC/CFB8")
            {
                return(new CfbBlockCipherMac(new DesEdeEngine()));
            }
            if (mechanism == "DESEDEMAC64")
            {
                return(new CbcBlockCipherMac(new DesEdeEngine(), 64));
            }
            if (mechanism == "DESEDEMAC64WITHISO7816-4PADDING")
            {
                return(new CbcBlockCipherMac(new DesEdeEngine(), 64, new ISO7816d4Padding()));
            }
            if (mechanism == "DESWITHISO9797" ||
                mechanism == "ISO9797ALG3MAC")
            {
                return(new ISO9797Alg3Mac(new DesEngine()));
            }
            if (mechanism == "ISO9797ALG3WITHISO7816-4PADDING")
            {
                return(new ISO9797Alg3Mac(new DesEngine(), new ISO7816d4Padding()));
            }
            if (mechanism == "SKIPJACKMAC")
            {
                return(new CbcBlockCipherMac(new SkipjackEngine()));
            }
            if (mechanism == "SKIPJACKMAC/CFB8")
            {
                return(new CfbBlockCipherMac(new SkipjackEngine()));
            }
            if (mechanism == "IDEAMAC")
            {
                return(new CbcBlockCipherMac(new IdeaEngine()));
            }
            if (mechanism == "IDEAMAC/CFB8")
            {
                return(new CfbBlockCipherMac(new IdeaEngine()));
            }
            if (mechanism == "RC2MAC")
            {
                return(new CbcBlockCipherMac(new RC2Engine()));
            }
            if (mechanism == "RC2MAC/CFB8")
            {
                return(new CfbBlockCipherMac(new RC2Engine()));
            }
            if (mechanism == "RC5MAC")
            {
                return(new CbcBlockCipherMac(new RC532Engine()));
            }
            if (mechanism == "RC5MAC/CFB8")
            {
                return(new CfbBlockCipherMac(new RC532Engine()));
            }
            if (mechanism == "GOST28147MAC")
            {
                return(new Gost28147Mac());
            }
            if (mechanism == "VMPCMAC")
            {
                return(new VmpcMac());
            }
            if (mechanism == "SIPHASH-2-4")
            {
                return(new SipHash());
            }
            throw new SecurityUtilityException("Mac " + mechanism + " not recognised.");
        }
Пример #4
0
        public static ICipherParameters GenerateCipherParameters(
            string algorithm,
            char[]          password,
            bool wrongPkcs12Zero,
            Asn1Encodable pbeParameters)
        {
            string mechanism = (string)algorithms[algorithm.ToUpper(CultureInfo.InvariantCulture)];

            byte[] keyBytes;
//            string	type = (string)algorithmType[mechanism];
            byte[] salt           = null;
            int    iterationCount = 0;

            if (IsPkcs12(mechanism))
            {
                Pkcs12PbeParams pbeParams = Pkcs12PbeParams.GetInstance(pbeParameters);
                salt           = pbeParams.GetIV();
                iterationCount = pbeParams.Iterations.IntValue;
                keyBytes       = PbeParametersGenerator.Pkcs12PasswordToBytes(password, wrongPkcs12Zero);
            }
            else if (IsPkcs5Scheme2(mechanism))
            {
                Pbkdf2Params pbeParams = Pbkdf2Params.GetInstance(pbeParameters);
                salt           = pbeParams.GetSalt();
                iterationCount = pbeParams.IterationCount.IntValue;
                keyBytes       = PbeParametersGenerator.Pkcs5PasswordToBytes(password);
            }
            else
            {
                PbeParameter pbeParams = PbeParameter.GetInstance(pbeParameters);
                salt           = pbeParams.GetSalt();
                iterationCount = pbeParams.IterationCount.IntValue;
                keyBytes       = PbeParametersGenerator.Pkcs5PasswordToBytes(password);
            }

            ICipherParameters parameters = null;

            if (mechanism.StartsWith("PBEwithSHA-1"))
            {
                PbeParametersGenerator generator = MakePbeGenerator(
                    (string)algorithmType[mechanism], new Sha1Digest(), keyBytes, salt, iterationCount);

                if (mechanism.Equals("PBEwithSHA-1and128bitRC4"))
                {
                    parameters = generator.GenerateDerivedParameters(128);
                }
                else if (mechanism.Equals("PBEwithSHA-1and40bitRC4"))
                {
                    parameters = generator.GenerateDerivedParameters(40);
                }
                else if (mechanism.Equals("PBEwithSHA-1and3-keyDESEDE-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters(192, 64);
                }
                else if (mechanism.Equals("PBEwithSHA-1and2-keyDESEDE-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters(128, 64);
                }
                else if (mechanism.Equals("PBEwithSHA-1and128bitRC2-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters(128, 64);
                }
                else if (mechanism.Equals("PBEwithSHA-1and40bitRC2-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters(40, 64);
                }
                else if (mechanism.Equals("PBEwithSHA-1andDES-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters(64, 64);
                }
                else if (mechanism.Equals("PBEwithSHA-1andRC2-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters(64, 64);
                }
                else if (mechanism.Equals("PBEwithSHA-1and128bitAES-CBC-BC"))
                {
                    parameters = generator.GenerateDerivedParameters(128, 128);
                }
                else if (mechanism.Equals("PBEwithSHA-1and192bitAES-CBC-BC"))
                {
                    parameters = generator.GenerateDerivedParameters(192, 128);
                }
                else if (mechanism.Equals("PBEwithSHA-1and256bitAES-CBC-BC"))
                {
                    parameters = generator.GenerateDerivedParameters(256, 128);
                }
            }
            else if (mechanism.StartsWith("PBEwithSHA-256"))
            {
                PbeParametersGenerator generator = MakePbeGenerator(
                    (string)algorithmType[mechanism], new Sha256Digest(), keyBytes, salt, iterationCount);

                if (mechanism.Equals("PBEwithSHA-256and128bitAES-CBC-BC"))
                {
                    parameters = generator.GenerateDerivedParameters(128, 128);
                }
                else if (mechanism.Equals("PBEwithSHA-256and192bitAES-CBC-BC"))
                {
                    parameters = generator.GenerateDerivedParameters(192, 128);
                }
                else if (mechanism.Equals("PBEwithSHA-256and256bitAES-CBC-BC"))
                {
                    parameters = generator.GenerateDerivedParameters(256, 128);
                }
            }
            else if (mechanism.StartsWith("PBEwithMD5"))
            {
                PbeParametersGenerator generator = MakePbeGenerator(
                    (string)algorithmType[mechanism], new MD5Digest(), keyBytes, salt, iterationCount);

                if (mechanism.Equals("PBEwithMD5andDES-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters(64, 64);
                }
                else if (mechanism.Equals("PBEwithMD5andRC2-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters(64, 64);
                }
                else if (mechanism.Equals("PBEwithMD5and128bitAES-CBC-OpenSSL"))
                {
                    parameters = generator.GenerateDerivedParameters(128, 128);
                }
                else if (mechanism.Equals("PBEwithMD5and192bitAES-CBC-OpenSSL"))
                {
                    parameters = generator.GenerateDerivedParameters(192, 128);
                }
                else if (mechanism.Equals("PBEwithMD5and256bitAES-CBC-OpenSSL"))
                {
                    parameters = generator.GenerateDerivedParameters(256, 128);
                }
            }
            else if (mechanism.StartsWith("PBEwithMD2"))
            {
                PbeParametersGenerator generator = MakePbeGenerator(
                    (string)algorithmType[mechanism], new MD2Digest(), keyBytes, salt, iterationCount);
                if (mechanism.Equals("PBEwithMD2andDES-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters(64, 64);
                }
                else if (mechanism.Equals("PBEwithMD2andRC2-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters(64, 64);
                }
            }
            else if (mechanism.StartsWith("PBEwithHmac"))
            {
                string digestName = mechanism.Substring("PBEwithHmac".Length);

                int keySize;
                switch (digestName)
                {
                case "SHA-1":           keySize = 160;  break;

                case "SHA-224":         keySize = 224;  break;

                case "SHA-256":         keySize = 256;  break;

                case "RipeMD128":       keySize = 128;  break;

                case "RipeMD160":       keySize = 160;  break;

                case "RipeMD256":       keySize = 256;  break;

                default:
                    throw new ArgumentException("unrecognised algorithm: " + algorithm, "algorithm");
                }

                IDigest digest = DigestUtilities.GetDigest(digestName);

                PbeParametersGenerator generator = MakePbeGenerator(
                    (string)algorithmType[mechanism], digest, keyBytes, salt, iterationCount);

                parameters = generator.GenerateDerivedMacParameters(keySize);
            }

            Array.Clear(keyBytes, 0, keyBytes.Length);

            return(parameters);
        }
Пример #5
0
        public static ICipherParameters GenerateCipherParameters(
            string algorithm,
            char[]          password,
            bool wrongPkcs12Zero,
            Asn1Encodable pbeParameters)
        {
            string mechanism = (string)algorithms[algorithm.ToUpper(CultureInfo.InvariantCulture)];

            byte[] keyBytes       = null;
            byte[] salt           = null;
            int    iterationCount = 0;

            if (IsPkcs12(mechanism))
            {
                Pkcs12PbeParams pbeParams = Pkcs12PbeParams.GetInstance(pbeParameters);
                salt           = pbeParams.GetIV();
                iterationCount = pbeParams.Iterations.IntValue;
                keyBytes       = PbeParametersGenerator.Pkcs12PasswordToBytes(password, wrongPkcs12Zero);
            }
            else if (IsPkcs5Scheme2(mechanism))
            {
                // See below
            }
            else
            {
                PbeParameter pbeParams = PbeParameter.GetInstance(pbeParameters);
                salt           = pbeParams.GetSalt();
                iterationCount = pbeParams.IterationCount.IntValue;
                keyBytes       = PbeParametersGenerator.Pkcs5PasswordToBytes(password);
            }

            ICipherParameters parameters = null;

            if (IsPkcs5Scheme2(mechanism))
            {
                PbeS2Parameters     s2p       = PbeS2Parameters.GetInstance(pbeParameters.ToAsn1Object());
                AlgorithmIdentifier encScheme = s2p.EncryptionScheme;
                DerObjectIdentifier encOid    = encScheme.ObjectID;
                Asn1Object          encParams = encScheme.Parameters.ToAsn1Object();

                // TODO What about s2p.KeyDerivationFunc.ObjectID?
                Pbkdf2Params pbeParams = Pbkdf2Params.GetInstance(s2p.KeyDerivationFunc.Parameters.ToAsn1Object());

                byte[] iv;
                if (encOid.Equals(PkcsObjectIdentifiers.RC2Cbc))                 // PKCS5.B.2.3
                {
                    RC2CbcParameter rc2Params = RC2CbcParameter.GetInstance(encParams);
                    iv = rc2Params.GetIV();
                }
                else
                {
                    iv = Asn1OctetString.GetInstance(encParams).GetOctets();
                }

                salt           = pbeParams.GetSalt();
                iterationCount = pbeParams.IterationCount.IntValue;
                keyBytes       = PbeParametersGenerator.Pkcs5PasswordToBytes(password);

                int keyLength = pbeParams.KeyLength != null
                                        ?       pbeParams.KeyLength.IntValue * 8
                                        :       GeneratorUtilities.GetDefaultKeySize(encOid);

                PbeParametersGenerator gen = MakePbeGenerator(
                    (string)algorithmType[mechanism], null, keyBytes, salt, iterationCount);

                parameters = gen.GenerateDerivedParameters(encOid.Id, keyLength);

                if (iv != null)
                {
                    // FIXME? OpenSSL weirdness with IV of zeros (for ECB keys?)
                    if (Arrays.AreEqual(iv, new byte[iv.Length]))
                    {
                        //Console.Error.Write("***** IV all 0 (length " + iv.Length + ") *****");
                    }
                    else
                    {
                        parameters = new ParametersWithIV(parameters, iv);
                    }
                }
            }
            else if (mechanism.StartsWith("PBEwithSHA-1"))
            {
                PbeParametersGenerator generator = MakePbeGenerator(
                    (string)algorithmType[mechanism], new Sha1Digest(), keyBytes, salt, iterationCount);

                if (mechanism.Equals("PBEwithSHA-1and128bitRC4"))
                {
                    parameters = generator.GenerateDerivedParameters("RC4", 128);
                }
                else if (mechanism.Equals("PBEwithSHA-1and40bitRC4"))
                {
                    parameters = generator.GenerateDerivedParameters("RC4", 40);
                }
                else if (mechanism.Equals("PBEwithSHA-1and3-keyDESEDE-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("DESEDE", 192, 64);
                }
                else if (mechanism.Equals("PBEwithSHA-1and2-keyDESEDE-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("DESEDE", 128, 64);
                }
                else if (mechanism.Equals("PBEwithSHA-1and128bitRC2-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("RC2", 128, 64);
                }
                else if (mechanism.Equals("PBEwithSHA-1and40bitRC2-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("RC2", 40, 64);
                }
                else if (mechanism.Equals("PBEwithSHA-1andDES-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("DES", 64, 64);
                }
                else if (mechanism.Equals("PBEwithSHA-1andRC2-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("RC2", 64, 64);
                }
                else if (mechanism.Equals("PBEwithSHA-1and128bitAES-CBC-BC"))
                {
                    parameters = generator.GenerateDerivedParameters("AES", 128, 128);
                }
                else if (mechanism.Equals("PBEwithSHA-1and192bitAES-CBC-BC"))
                {
                    parameters = generator.GenerateDerivedParameters("AES", 192, 128);
                }
                else if (mechanism.Equals("PBEwithSHA-1and256bitAES-CBC-BC"))
                {
                    parameters = generator.GenerateDerivedParameters("AES", 256, 128);
                }
            }
            else if (mechanism.StartsWith("PBEwithSHA-256"))
            {
                PbeParametersGenerator generator = MakePbeGenerator(
                    (string)algorithmType[mechanism], new Sha256Digest(), keyBytes, salt, iterationCount);

                if (mechanism.Equals("PBEwithSHA-256and128bitAES-CBC-BC"))
                {
                    parameters = generator.GenerateDerivedParameters("AES", 128, 128);
                }
                else if (mechanism.Equals("PBEwithSHA-256and192bitAES-CBC-BC"))
                {
                    parameters = generator.GenerateDerivedParameters("AES", 192, 128);
                }
                else if (mechanism.Equals("PBEwithSHA-256and256bitAES-CBC-BC"))
                {
                    parameters = generator.GenerateDerivedParameters("AES", 256, 128);
                }
            }
            else if (mechanism.StartsWith("PBEwithMD5"))
            {
                PbeParametersGenerator generator = MakePbeGenerator(
                    (string)algorithmType[mechanism], new MD5Digest(), keyBytes, salt, iterationCount);

                if (mechanism.Equals("PBEwithMD5andDES-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("DES", 64, 64);
                }
                else if (mechanism.Equals("PBEwithMD5andRC2-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("RC2", 64, 64);
                }
                else if (mechanism.Equals("PBEwithMD5and128bitAES-CBC-OpenSSL"))
                {
                    parameters = generator.GenerateDerivedParameters("AES", 128, 128);
                }
                else if (mechanism.Equals("PBEwithMD5and192bitAES-CBC-OpenSSL"))
                {
                    parameters = generator.GenerateDerivedParameters("AES", 192, 128);
                }
                else if (mechanism.Equals("PBEwithMD5and256bitAES-CBC-OpenSSL"))
                {
                    parameters = generator.GenerateDerivedParameters("AES", 256, 128);
                }
            }
            else if (mechanism.StartsWith("PBEwithMD2"))
            {
                PbeParametersGenerator generator = MakePbeGenerator(
                    (string)algorithmType[mechanism], new MD2Digest(), keyBytes, salt, iterationCount);
                if (mechanism.Equals("PBEwithMD2andDES-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("DES", 64, 64);
                }
                else if (mechanism.Equals("PBEwithMD2andRC2-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("RC2", 64, 64);
                }
            }
            else if (mechanism.StartsWith("PBEwithHmac"))
            {
                string  digestName = mechanism.Substring("PBEwithHmac".Length);
                IDigest digest     = DigestUtilities.GetDigest(digestName);

                PbeParametersGenerator generator = MakePbeGenerator(
                    (string)algorithmType[mechanism], digest, keyBytes, salt, iterationCount);

                int bitLen = digest.GetDigestSize() * 8;
                parameters = generator.GenerateDerivedMacParameters(bitLen);
            }

            Array.Clear(keyBytes, 0, keyBytes.Length);

            return(FixDesParity(mechanism, parameters));
        }
        public static ICipherParameters GenerateCipherParameters(
            string algorithm,
            char[]          password,
            bool wrongPkcs12Zero,
            Asn1Encodable pbeParameters)
        {
            string mechanism = (string)algorithms[algorithm.ToUpper(CultureInfo.InvariantCulture)];

            byte[] keyBytes;
            //string	type = (string)algorithmType[mechanism];
            byte[] salt;
            int    iterationCount;

            if (IsPkcs12(mechanism))
            {
                Pkcs12PbeParams pbeParams = Pkcs12PbeParams.GetInstance(pbeParameters);
                salt           = pbeParams.GetIV();
                iterationCount = pbeParams.Iterations.IntValue;
                keyBytes       = PbeParametersGenerator.Pkcs12PasswordToBytes(password, wrongPkcs12Zero);
            }
            else if (IsPkcs5Scheme2(mechanism))
            {
                Pbkdf2Params pbeParams = Pbkdf2Params.GetInstance(pbeParameters);
                salt           = pbeParams.GetSalt();
                iterationCount = pbeParams.IterationCount.IntValue;
                keyBytes       = PbeParametersGenerator.Pkcs5PasswordToBytes(password);
            }
            else
            {
                PbeParameter pbeParams = PbeParameter.GetInstance(pbeParameters);
                salt           = pbeParams.GetSalt();
                iterationCount = pbeParams.IterationCount.IntValue;
                keyBytes       = PbeParametersGenerator.Pkcs5PasswordToBytes(password);
            }

            ICipherParameters parameters = null;

            if (mechanism.StartsWith("PBEwithSHA-1"))
            {
                PbeParametersGenerator generator = MakePbeGenerator(
                    (string)algorithmType[mechanism], new Sha1Digest(), keyBytes, salt, iterationCount);

                if (mechanism.Equals("PBEwithSHA-1and128bitRC4"))
                {
                    parameters = generator.GenerateDerivedParameters("RC4", 128);
                }
                else if (mechanism.Equals("PBEwithSHA-1and40bitRC4"))
                {
                    parameters = generator.GenerateDerivedParameters("RC4", 40);
                }
                else if (mechanism.Equals("PBEwithSHA-1and3-keyDESEDE-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("DESEDE", 192, 64);
                }
                else if (mechanism.Equals("PBEwithSHA-1and2-keyDESEDE-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("DESEDE", 128, 64);
                }
                else if (mechanism.Equals("PBEwithSHA-1and128bitRC2-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("RC2", 128, 64);
                }
                else if (mechanism.Equals("PBEwithSHA-1and40bitRC2-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("RC2", 40, 64);
                }
                else if (mechanism.Equals("PBEwithSHA-1andDES-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("DES", 64, 64);
                }
                else if (mechanism.Equals("PBEwithSHA-1andRC2-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("RC2", 64, 64);
                }
                else if (mechanism.Equals("PBEwithSHA-1and128bitAES-CBC-BC"))
                {
                    parameters = generator.GenerateDerivedParameters("AES", 128, 128);
                }
                else if (mechanism.Equals("PBEwithSHA-1and192bitAES-CBC-BC"))
                {
                    parameters = generator.GenerateDerivedParameters("AES", 192, 128);
                }
                else if (mechanism.Equals("PBEwithSHA-1and256bitAES-CBC-BC"))
                {
                    parameters = generator.GenerateDerivedParameters("AES", 256, 128);
                }
            }
            else if (mechanism.StartsWith("PBEwithSHA-256"))
            {
                PbeParametersGenerator generator = MakePbeGenerator(
                    (string)algorithmType[mechanism], new Sha256Digest(), keyBytes, salt, iterationCount);

                if (mechanism.Equals("PBEwithSHA-256and128bitAES-CBC-BC"))
                {
                    parameters = generator.GenerateDerivedParameters("AES", 128, 128);
                }
                else if (mechanism.Equals("PBEwithSHA-256and192bitAES-CBC-BC"))
                {
                    parameters = generator.GenerateDerivedParameters("AES", 192, 128);
                }
                else if (mechanism.Equals("PBEwithSHA-256and256bitAES-CBC-BC"))
                {
                    parameters = generator.GenerateDerivedParameters("AES", 256, 128);
                }
            }
            else if (mechanism.StartsWith("PBEwithMD5"))
            {
                PbeParametersGenerator generator = MakePbeGenerator(
                    (string)algorithmType[mechanism], new MD5Digest(), keyBytes, salt, iterationCount);

                if (mechanism.Equals("PBEwithMD5andDES-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("DES", 64, 64);
                }
                else if (mechanism.Equals("PBEwithMD5andRC2-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("RC2", 64, 64);
                }
                else if (mechanism.Equals("PBEwithMD5and128bitAES-CBC-OpenSSL"))
                {
                    parameters = generator.GenerateDerivedParameters("AES", 128, 128);
                }
                else if (mechanism.Equals("PBEwithMD5and192bitAES-CBC-OpenSSL"))
                {
                    parameters = generator.GenerateDerivedParameters("AES", 192, 128);
                }
                else if (mechanism.Equals("PBEwithMD5and256bitAES-CBC-OpenSSL"))
                {
                    parameters = generator.GenerateDerivedParameters("AES", 256, 128);
                }
            }
            else if (mechanism.StartsWith("PBEwithMD2"))
            {
                PbeParametersGenerator generator = MakePbeGenerator(
                    (string)algorithmType[mechanism], new MD2Digest(), keyBytes, salt, iterationCount);
                if (mechanism.Equals("PBEwithMD2andDES-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("DES", 64, 64);
                }
                else if (mechanism.Equals("PBEwithMD2andRC2-CBC"))
                {
                    parameters = generator.GenerateDerivedParameters("RC2", 64, 64);
                }
            }
            else if (mechanism.StartsWith("PBEwithHmac"))
            {
                string  digestName = mechanism.Substring("PBEwithHmac".Length);
                IDigest digest     = DigestUtilities.GetDigest(digestName);

                PbeParametersGenerator generator = MakePbeGenerator(
                    (string)algorithmType[mechanism], digest, keyBytes, salt, iterationCount);

                int bitLen = digest.GetDigestSize() * 8;
                parameters = generator.GenerateDerivedMacParameters(bitLen);
            }

            Array.Clear(keyBytes, 0, keyBytes.Length);

            return(parameters);
        }
Пример #7
0
 public static IMac GetMac(string algorithm)
 {
     string text = Platform.ToUpperInvariant(algorithm);
     string text2 = (string)MacUtilities.algorithms[text];
     if (text2 == null)
     {
         text2 = text;
     }
     if (text2.StartsWith("PBEWITH"))
     {
         text2 = text2.Substring("PBEWITH".Length);
     }
     if (text2.StartsWith("HMAC"))
     {
         string algorithm2;
         if (text2.StartsWith("HMAC-") || text2.StartsWith("HMAC/"))
         {
             algorithm2 = text2.Substring(5);
         }
         else
         {
             algorithm2 = text2.Substring(4);
         }
         return new HMac(DigestUtilities.GetDigest(algorithm2));
     }
     if (text2 == "AESCMAC")
     {
         return new CMac(new AesFastEngine());
     }
     if (text2 == "DESMAC")
     {
         return new CbcBlockCipherMac(new DesEngine());
     }
     if (text2 == "DESMAC/CFB8")
     {
         return new CfbBlockCipherMac(new DesEngine());
     }
     if (text2 == "DESMAC64")
     {
         return new CbcBlockCipherMac(new DesEngine(), 64);
     }
     if (text2 == "DESEDECMAC")
     {
         return new CMac(new DesEdeEngine());
     }
     if (text2 == "DESEDEMAC")
     {
         return new CbcBlockCipherMac(new DesEdeEngine());
     }
     if (text2 == "DESEDEMAC/CFB8")
     {
         return new CfbBlockCipherMac(new DesEdeEngine());
     }
     if (text2 == "DESEDEMAC64")
     {
         return new CbcBlockCipherMac(new DesEdeEngine(), 64);
     }
     if (text2 == "DESEDEMAC64WITHISO7816-4PADDING")
     {
         return new CbcBlockCipherMac(new DesEdeEngine(), 64, new ISO7816d4Padding());
     }
     if (text2 == "DESWITHISO9797" || text2 == "ISO9797ALG3MAC")
     {
         return new ISO9797Alg3Mac(new DesEngine());
     }
     if (text2 == "ISO9797ALG3WITHISO7816-4PADDING")
     {
         return new ISO9797Alg3Mac(new DesEngine(), new ISO7816d4Padding());
     }
     if (text2 == "SKIPJACKMAC")
     {
         return new CbcBlockCipherMac(new SkipjackEngine());
     }
     if (text2 == "SKIPJACKMAC/CFB8")
     {
         return new CfbBlockCipherMac(new SkipjackEngine());
     }
     if (text2 == "IDEAMAC")
     {
         return new CbcBlockCipherMac(new IdeaEngine());
     }
     if (text2 == "IDEAMAC/CFB8")
     {
         return new CfbBlockCipherMac(new IdeaEngine());
     }
     if (text2 == "RC2MAC")
     {
         return new CbcBlockCipherMac(new RC2Engine());
     }
     if (text2 == "RC2MAC/CFB8")
     {
         return new CfbBlockCipherMac(new RC2Engine());
     }
     if (text2 == "RC5MAC")
     {
         return new CbcBlockCipherMac(new RC532Engine());
     }
     if (text2 == "RC5MAC/CFB8")
     {
         return new CfbBlockCipherMac(new RC532Engine());
     }
     if (text2 == "GOST28147MAC")
     {
         return new Gost28147Mac();
     }
     if (text2 == "VMPCMAC")
     {
         return new VmpcMac();
     }
     if (text2 == "SIPHASH-2-4")
     {
         return new SipHash();
     }
     throw new SecurityUtilityException("Mac " + text2 + " not recognised.");
 }
Пример #8
0
 public static IDigest GetDigest(DerObjectIdentifier id)
 {
     return(DigestUtilities.GetDigest(id.Id));
 }
Пример #9
0
        public static IMac GetMac(string algorithm)
        {
            string str    = Platform.ToUpperInvariant(algorithm);
            string source = (string)algorithms[str];

            if (source == null)
            {
                source = str;
            }
            if (Platform.StartsWith(source, "PBEWITH"))
            {
                source = source.Substring("PBEWITH".Length);
            }
            if (Platform.StartsWith(source, "HMAC"))
            {
                string str3;
                if (Platform.StartsWith(source, "HMAC-") || Platform.StartsWith(source, "HMAC/"))
                {
                    str3 = source.Substring(5);
                }
                else
                {
                    str3 = source.Substring(4);
                }
                return(new HMac(DigestUtilities.GetDigest(str3)));
            }
            switch (source)
            {
            case "AESCMAC":
                return(new CMac(new AesFastEngine()));

            case "DESMAC":
                return(new CbcBlockCipherMac(new DesEngine()));

            case "DESMAC/CFB8":
                return(new CfbBlockCipherMac(new DesEngine()));

            case "DESMAC64":
                return(new CbcBlockCipherMac(new DesEngine(), 0x40));

            case "DESEDECMAC":
                return(new CMac(new DesEdeEngine()));

            case "DESEDEMAC":
                return(new CbcBlockCipherMac(new DesEdeEngine()));

            case "DESEDEMAC/CFB8":
                return(new CfbBlockCipherMac(new DesEdeEngine()));

            case "DESEDEMAC64":
                return(new CbcBlockCipherMac(new DesEdeEngine(), 0x40));

            case "DESEDEMAC64WITHISO7816-4PADDING":
                return(new CbcBlockCipherMac(new DesEdeEngine(), 0x40, new ISO7816d4Padding()));

            case "DESWITHISO9797":
            case "ISO9797ALG3MAC":
                return(new ISO9797Alg3Mac(new DesEngine()));

            case "ISO9797ALG3WITHISO7816-4PADDING":
                return(new ISO9797Alg3Mac(new DesEngine(), new ISO7816d4Padding()));

            case "SKIPJACKMAC":
                return(new CbcBlockCipherMac(new SkipjackEngine()));

            case "SKIPJACKMAC/CFB8":
                return(new CfbBlockCipherMac(new SkipjackEngine()));

            case "IDEAMAC":
                return(new CbcBlockCipherMac(new IdeaEngine()));

            case "IDEAMAC/CFB8":
                return(new CfbBlockCipherMac(new IdeaEngine()));

            case "RC2MAC":
                return(new CbcBlockCipherMac(new RC2Engine()));

            case "RC2MAC/CFB8":
                return(new CfbBlockCipherMac(new RC2Engine()));

            case "RC5MAC":
                return(new CbcBlockCipherMac(new RC532Engine()));

            case "RC5MAC/CFB8":
                return(new CfbBlockCipherMac(new RC532Engine()));

            case "GOST28147MAC":
                return(new Gost28147Mac());

            case "VMPCMAC":
                return(new VmpcMac());
            }
            if (source != "SIPHASH-2-4")
            {
                throw new SecurityUtilityException("Mac " + source + " not recognised.");
            }
            return(new SipHash());
        }
        public static IMac GetMac(
            string algorithm)
        {
            string upper = algorithm.ToUpper(CultureInfo.InvariantCulture);

            string mechanism = (string)algorithms[upper];

            if (mechanism == null)
            {
                mechanism = upper;
            }

            if (mechanism.StartsWith("HMAC"))
            {
                string digestName = null;
                if (mechanism.StartsWith("HMAC-") || mechanism.StartsWith("HMAC/"))
                {
                    digestName = mechanism.Substring(5);
                }
                else
                {
                    digestName = mechanism.Substring(4);
                }

                return(new HMac(DigestUtilities.GetDigest(digestName)));
            }

            if (mechanism == "DESMAC")
            {
                return(new CbcBlockCipherMac(new DesEngine()));
            }
            if (mechanism == "DESMAC/CFB8")
            {
                return(new CfbBlockCipherMac(new DesEngine()));
            }
            if (mechanism == "DESEDEMAC")
            {
                return(new CbcBlockCipherMac(new DesEdeEngine()));
            }
            if (mechanism == "DESEDEMAC/CFB8")
            {
                return(new CfbBlockCipherMac(new DesEdeEngine()));
            }
            if (mechanism == "DESEDEMAC64")
            {
                return(new CbcBlockCipherMac(new DesEdeEngine(), 64));
            }
            if (mechanism == "DESWITHISO9797" ||
                mechanism == "ISO9797ALG3MAC")
            {
                return(new ISO9797Alg3Mac(new DesEngine()));
            }
            if (mechanism == "SKIPJACKMAC")
            {
                return(new CbcBlockCipherMac(new SkipjackEngine()));
            }
            if (mechanism == "SKIPJACKMAC/CFB8")
            {
                return(new CfbBlockCipherMac(new SkipjackEngine()));
            }
            if (mechanism == "IDEAMAC")
            {
                return(new CbcBlockCipherMac(new IdeaEngine()));
            }
            if (mechanism == "IDEAMAC/CFB8")
            {
                return(new CfbBlockCipherMac(new IdeaEngine()));
            }
            if (mechanism == "RC2MAC")
            {
                return(new CbcBlockCipherMac(new RC2Engine()));
            }
            if (mechanism == "RC2MAC/CFB8")
            {
                return(new CfbBlockCipherMac(new RC2Engine()));
            }
            if (mechanism == "RC5MAC")
            {
                return(new CbcBlockCipherMac(new RC532Engine()));
            }
            if (mechanism == "RC5MAC/CFB8")
            {
                return(new CfbBlockCipherMac(new RC532Engine()));
            }
            if (mechanism == "GOST28147MAC")
            {
                return(new Gost28147Mac());
            }

            throw new SecurityUtilityException("Mac " + mechanism + " not recognised.");
        }
Пример #11
0
        public static ISigner GetSigner(string algorithm)
        {
            if (algorithm == null)
            {
                throw new ArgumentNullException("algorithm");
            }
            algorithm = Platform.ToUpperInvariant(algorithm);
            string text = (string)SignerUtilities.algorithms[algorithm];

            if (text == null)
            {
                text = algorithm;
            }
            if (text.Equals("RSA"))
            {
                return(new RsaDigestSigner(new NullDigest(), null));
            }
            if (text.Equals("MD2withRSA"))
            {
                return(new RsaDigestSigner(new MD2Digest()));
            }
            if (text.Equals("MD4withRSA"))
            {
                return(new RsaDigestSigner(new MD4Digest()));
            }
            if (text.Equals("MD5withRSA"))
            {
                return(new RsaDigestSigner(new MD5Digest()));
            }
            if (text.Equals("SHA-1withRSA"))
            {
                return(new RsaDigestSigner(new Sha1Digest()));
            }
            if (text.Equals("SHA-224withRSA"))
            {
                return(new RsaDigestSigner(new Sha224Digest()));
            }
            if (text.Equals("SHA-256withRSA"))
            {
                return(new RsaDigestSigner(new Sha256Digest()));
            }
            if (text.Equals("SHA-384withRSA"))
            {
                return(new RsaDigestSigner(new Sha384Digest()));
            }
            if (text.Equals("SHA-512withRSA"))
            {
                return(new RsaDigestSigner(new Sha512Digest()));
            }
            if (text.Equals("RIPEMD128withRSA"))
            {
                return(new RsaDigestSigner(new RipeMD128Digest()));
            }
            if (text.Equals("RIPEMD160withRSA"))
            {
                return(new RsaDigestSigner(new RipeMD160Digest()));
            }
            if (text.Equals("RIPEMD256withRSA"))
            {
                return(new RsaDigestSigner(new RipeMD256Digest()));
            }
            if (text.Equals("RAWRSASSA-PSS"))
            {
                return(PssSigner.CreateRawSigner(new RsaBlindedEngine(), new Sha1Digest()));
            }
            if (text.Equals("PSSwithRSA"))
            {
                return(new PssSigner(new RsaBlindedEngine(), new Sha1Digest()));
            }
            if (text.Equals("SHA-1withRSAandMGF1"))
            {
                return(new PssSigner(new RsaBlindedEngine(), new Sha1Digest()));
            }
            if (text.Equals("SHA-224withRSAandMGF1"))
            {
                return(new PssSigner(new RsaBlindedEngine(), new Sha224Digest()));
            }
            if (text.Equals("SHA-256withRSAandMGF1"))
            {
                return(new PssSigner(new RsaBlindedEngine(), new Sha256Digest()));
            }
            if (text.Equals("SHA-384withRSAandMGF1"))
            {
                return(new PssSigner(new RsaBlindedEngine(), new Sha384Digest()));
            }
            if (text.Equals("SHA-512withRSAandMGF1"))
            {
                return(new PssSigner(new RsaBlindedEngine(), new Sha512Digest()));
            }
            if (text.Equals("NONEwithDSA"))
            {
                return(new DsaDigestSigner(new DsaSigner(), new NullDigest()));
            }
            if (text.Equals("SHA-1withDSA"))
            {
                return(new DsaDigestSigner(new DsaSigner(), new Sha1Digest()));
            }
            if (text.Equals("SHA-224withDSA"))
            {
                return(new DsaDigestSigner(new DsaSigner(), new Sha224Digest()));
            }
            if (text.Equals("SHA-256withDSA"))
            {
                return(new DsaDigestSigner(new DsaSigner(), new Sha256Digest()));
            }
            if (text.Equals("SHA-384withDSA"))
            {
                return(new DsaDigestSigner(new DsaSigner(), new Sha384Digest()));
            }
            if (text.Equals("SHA-512withDSA"))
            {
                return(new DsaDigestSigner(new DsaSigner(), new Sha512Digest()));
            }
            if (text.Equals("NONEwithECDSA"))
            {
                return(new DsaDigestSigner(new ECDsaSigner(), new NullDigest()));
            }
            if (text.Equals("SHA-1withECDSA"))
            {
                return(new DsaDigestSigner(new ECDsaSigner(), new Sha1Digest()));
            }
            if (text.Equals("SHA-224withECDSA"))
            {
                return(new DsaDigestSigner(new ECDsaSigner(), new Sha224Digest()));
            }
            if (text.Equals("SHA-256withECDSA"))
            {
                return(new DsaDigestSigner(new ECDsaSigner(), new Sha256Digest()));
            }
            if (text.Equals("SHA-384withECDSA"))
            {
                return(new DsaDigestSigner(new ECDsaSigner(), new Sha384Digest()));
            }
            if (text.Equals("SHA-512withECDSA"))
            {
                return(new DsaDigestSigner(new ECDsaSigner(), new Sha512Digest()));
            }
            if (text.Equals("RIPEMD160withECDSA"))
            {
                return(new DsaDigestSigner(new ECDsaSigner(), new RipeMD160Digest()));
            }
            if (text.Equals("SHA1WITHECNR"))
            {
                return(new DsaDigestSigner(new ECNRSigner(), new Sha1Digest()));
            }
            if (text.Equals("SHA224WITHECNR"))
            {
                return(new DsaDigestSigner(new ECNRSigner(), new Sha224Digest()));
            }
            if (text.Equals("SHA256WITHECNR"))
            {
                return(new DsaDigestSigner(new ECNRSigner(), new Sha256Digest()));
            }
            if (text.Equals("SHA384WITHECNR"))
            {
                return(new DsaDigestSigner(new ECNRSigner(), new Sha384Digest()));
            }
            if (text.Equals("SHA512WITHECNR"))
            {
                return(new DsaDigestSigner(new ECNRSigner(), new Sha512Digest()));
            }
            if (text.Equals("GOST3410"))
            {
                return(new Gost3410DigestSigner(new Gost3410Signer(), new Gost3411Digest()));
            }
            if (text.Equals("ECGOST3410"))
            {
                return(new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411Digest()));
            }
            if (text.Equals("SHA1WITHRSA/ISO9796-2"))
            {
                return(new Iso9796d2Signer(new RsaBlindedEngine(), new Sha1Digest(), true));
            }
            if (text.Equals("MD5WITHRSA/ISO9796-2"))
            {
                return(new Iso9796d2Signer(new RsaBlindedEngine(), new MD5Digest(), true));
            }
            if (text.Equals("RIPEMD160WITHRSA/ISO9796-2"))
            {
                return(new Iso9796d2Signer(new RsaBlindedEngine(), new RipeMD160Digest(), true));
            }
            if (text.EndsWith("/X9.31"))
            {
                string text2 = text.Substring(0, text.Length - "/X9.31".Length);
                int    num   = text2.IndexOf("WITH");
                if (num > 0)
                {
                    int     num2       = num + "WITH".Length;
                    string  algorithm2 = text2.Substring(0, num);
                    IDigest digest     = DigestUtilities.GetDigest(algorithm2);
                    string  text3      = text2.Substring(num2, text2.Length - num2);
                    if (text3.Equals("RSA"))
                    {
                        IAsymmetricBlockCipher cipher = new RsaBlindedEngine();
                        return(new X931Signer(cipher, digest));
                    }
                }
            }
            throw new SecurityUtilityException("Signer " + algorithm + " not recognised.");
        }
Пример #12
0
        public static ICipherParameters GenerateCipherParameters(string algorithm, char[] password, bool wrongPkcs12Zero, Asn1Encodable pbeParameters)
        {
            string text = (string)PbeUtilities.algorithms[Platform.ToUpperInvariant(algorithm)];

            byte[] array          = null;
            byte[] salt           = null;
            int    iterationCount = 0;

            if (PbeUtilities.IsPkcs12(text))
            {
                Pkcs12PbeParams instance = Pkcs12PbeParams.GetInstance(pbeParameters);
                salt           = instance.GetIV();
                iterationCount = instance.Iterations.IntValue;
                array          = PbeParametersGenerator.Pkcs12PasswordToBytes(password, wrongPkcs12Zero);
            }
            else if (!PbeUtilities.IsPkcs5Scheme2(text))
            {
                PbeParameter instance2 = PbeParameter.GetInstance(pbeParameters);
                salt           = instance2.GetSalt();
                iterationCount = instance2.IterationCount.IntValue;
                array          = PbeParametersGenerator.Pkcs5PasswordToBytes(password);
            }
            ICipherParameters parameters = null;

            if (PbeUtilities.IsPkcs5Scheme2(text))
            {
                PbeS2Parameters     instance3        = PbeS2Parameters.GetInstance(pbeParameters.ToAsn1Object());
                AlgorithmIdentifier encryptionScheme = instance3.EncryptionScheme;
                DerObjectIdentifier objectID         = encryptionScheme.ObjectID;
                Asn1Object          obj       = encryptionScheme.Parameters.ToAsn1Object();
                Pbkdf2Params        instance4 = Pbkdf2Params.GetInstance(instance3.KeyDerivationFunc.Parameters.ToAsn1Object());
                byte[] array2;
                if (objectID.Equals(PkcsObjectIdentifiers.RC2Cbc))
                {
                    RC2CbcParameter instance5 = RC2CbcParameter.GetInstance(obj);
                    array2 = instance5.GetIV();
                }
                else
                {
                    array2 = Asn1OctetString.GetInstance(obj).GetOctets();
                }
                salt           = instance4.GetSalt();
                iterationCount = instance4.IterationCount.IntValue;
                array          = PbeParametersGenerator.Pkcs5PasswordToBytes(password);
                int keySize = (instance4.KeyLength != null) ? (instance4.KeyLength.IntValue * 8) : GeneratorUtilities.GetDefaultKeySize(objectID);
                PbeParametersGenerator pbeParametersGenerator = PbeUtilities.MakePbeGenerator((string)PbeUtilities.algorithmType[text], null, array, salt, iterationCount);
                parameters = pbeParametersGenerator.GenerateDerivedParameters(objectID.Id, keySize);
                if (array2 != null && !Arrays.AreEqual(array2, new byte[array2.Length]))
                {
                    parameters = new ParametersWithIV(parameters, array2);
                }
            }
            else if (text.StartsWith("PBEwithSHA-1"))
            {
                PbeParametersGenerator pbeParametersGenerator2 = PbeUtilities.MakePbeGenerator((string)PbeUtilities.algorithmType[text], new Sha1Digest(), array, salt, iterationCount);
                if (text.Equals("PBEwithSHA-1and128bitAES-CBC-BC"))
                {
                    parameters = pbeParametersGenerator2.GenerateDerivedParameters("AES", 128, 128);
                }
                else if (text.Equals("PBEwithSHA-1and192bitAES-CBC-BC"))
                {
                    parameters = pbeParametersGenerator2.GenerateDerivedParameters("AES", 192, 128);
                }
                else if (text.Equals("PBEwithSHA-1and256bitAES-CBC-BC"))
                {
                    parameters = pbeParametersGenerator2.GenerateDerivedParameters("AES", 256, 128);
                }
                else if (text.Equals("PBEwithSHA-1and128bitRC4"))
                {
                    parameters = pbeParametersGenerator2.GenerateDerivedParameters("RC4", 128);
                }
                else if (text.Equals("PBEwithSHA-1and40bitRC4"))
                {
                    parameters = pbeParametersGenerator2.GenerateDerivedParameters("RC4", 40);
                }
                else if (text.Equals("PBEwithSHA-1and3-keyDESEDE-CBC"))
                {
                    parameters = pbeParametersGenerator2.GenerateDerivedParameters("DESEDE", 192, 64);
                }
                else if (text.Equals("PBEwithSHA-1and2-keyDESEDE-CBC"))
                {
                    parameters = pbeParametersGenerator2.GenerateDerivedParameters("DESEDE", 128, 64);
                }
                else if (text.Equals("PBEwithSHA-1and128bitRC2-CBC"))
                {
                    parameters = pbeParametersGenerator2.GenerateDerivedParameters("RC2", 128, 64);
                }
                else if (text.Equals("PBEwithSHA-1and40bitRC2-CBC"))
                {
                    parameters = pbeParametersGenerator2.GenerateDerivedParameters("RC2", 40, 64);
                }
                else if (text.Equals("PBEwithSHA-1andDES-CBC"))
                {
                    parameters = pbeParametersGenerator2.GenerateDerivedParameters("DES", 64, 64);
                }
                else if (text.Equals("PBEwithSHA-1andRC2-CBC"))
                {
                    parameters = pbeParametersGenerator2.GenerateDerivedParameters("RC2", 64, 64);
                }
            }
            else if (text.StartsWith("PBEwithSHA-256"))
            {
                PbeParametersGenerator pbeParametersGenerator3 = PbeUtilities.MakePbeGenerator((string)PbeUtilities.algorithmType[text], new Sha256Digest(), array, salt, iterationCount);
                if (text.Equals("PBEwithSHA-256and128bitAES-CBC-BC"))
                {
                    parameters = pbeParametersGenerator3.GenerateDerivedParameters("AES", 128, 128);
                }
                else if (text.Equals("PBEwithSHA-256and192bitAES-CBC-BC"))
                {
                    parameters = pbeParametersGenerator3.GenerateDerivedParameters("AES", 192, 128);
                }
                else if (text.Equals("PBEwithSHA-256and256bitAES-CBC-BC"))
                {
                    parameters = pbeParametersGenerator3.GenerateDerivedParameters("AES", 256, 128);
                }
            }
            else if (text.StartsWith("PBEwithMD5"))
            {
                PbeParametersGenerator pbeParametersGenerator4 = PbeUtilities.MakePbeGenerator((string)PbeUtilities.algorithmType[text], new MD5Digest(), array, salt, iterationCount);
                if (text.Equals("PBEwithMD5andDES-CBC"))
                {
                    parameters = pbeParametersGenerator4.GenerateDerivedParameters("DES", 64, 64);
                }
                else if (text.Equals("PBEwithMD5andRC2-CBC"))
                {
                    parameters = pbeParametersGenerator4.GenerateDerivedParameters("RC2", 64, 64);
                }
                else if (text.Equals("PBEwithMD5and128bitAES-CBC-OpenSSL"))
                {
                    parameters = pbeParametersGenerator4.GenerateDerivedParameters("AES", 128, 128);
                }
                else if (text.Equals("PBEwithMD5and192bitAES-CBC-OpenSSL"))
                {
                    parameters = pbeParametersGenerator4.GenerateDerivedParameters("AES", 192, 128);
                }
                else if (text.Equals("PBEwithMD5and256bitAES-CBC-OpenSSL"))
                {
                    parameters = pbeParametersGenerator4.GenerateDerivedParameters("AES", 256, 128);
                }
            }
            else if (text.StartsWith("PBEwithMD2"))
            {
                PbeParametersGenerator pbeParametersGenerator5 = PbeUtilities.MakePbeGenerator((string)PbeUtilities.algorithmType[text], new MD2Digest(), array, salt, iterationCount);
                if (text.Equals("PBEwithMD2andDES-CBC"))
                {
                    parameters = pbeParametersGenerator5.GenerateDerivedParameters("DES", 64, 64);
                }
                else if (text.Equals("PBEwithMD2andRC2-CBC"))
                {
                    parameters = pbeParametersGenerator5.GenerateDerivedParameters("RC2", 64, 64);
                }
            }
            else if (text.StartsWith("PBEwithHmac"))
            {
                string  algorithm2 = text.Substring("PBEwithHmac".Length);
                IDigest digest     = DigestUtilities.GetDigest(algorithm2);
                PbeParametersGenerator pbeParametersGenerator6 = PbeUtilities.MakePbeGenerator((string)PbeUtilities.algorithmType[text], digest, array, salt, iterationCount);
                int keySize2 = digest.GetDigestSize() * 8;
                parameters = pbeParametersGenerator6.GenerateDerivedMacParameters(keySize2);
            }
            Array.Clear(array, 0, array.Length);
            return(PbeUtilities.FixDesParity(text, parameters));
        }