/// <summary>
/// Builds and initialises the RSA signer used for TLS handshake signatures.
/// </summary>
/// <remarks>
/// A non-null <paramref name="algorithm"/> is required exactly when the context
/// negotiated TLS 1.2 (as reported by TlsUtilities.IsTlsV12), and it must name the
/// RSA signature algorithm. Any mismatch is rejected before a signer is built, so a
/// peer cannot push this code onto the scheme belonging to the other protocol version.
/// </remarks>
/// <param name="algorithm">Signature/hash pair for TLS 1.2; null for earlier versions.</param>
/// <param name="raw">When true a NullDigest is used instead of a real hash
/// (presumably the caller supplies an already-hashed value; confirm at call sites).</param>
/// <param name="forSigning">Passed to ISigner.Init: true to sign, false to verify.</param>
/// <param name="cp">Key parameters passed to ISigner.Init.</param>
/// <returns>An initialised signer.</returns>
/// <exception cref="InvalidOperationException">
/// The presence of <paramref name="algorithm"/> does not match the protocol version,
/// or its signature algorithm is not RSA.
/// </exception>
protected virtual ISigner MakeSigner(SignatureAndHashAlgorithm algorithm, bool raw, bool forSigning,
    ICipherParameters cp)
{
    bool hasAlgorithm = algorithm != null;

    // The algorithm field exists on the wire only from TLS 1.2 onwards, so its
    // presence has to agree with the negotiated version.
    if (hasAlgorithm != TlsUtilities.IsTlsV12(mContext))
    {
        throw new InvalidOperationException();
    }

    // This class only produces RSA signatures.
    if (hasAlgorithm && algorithm.Signature != SignatureAlgorithm.rsa)
    {
        throw new InvalidOperationException();
    }

    IDigest digest;
    if (raw)
    {
        digest = new NullDigest();
    }
    else if (hasAlgorithm)
    {
        digest = TlsUtilities.CreateHash(algorithm.Hash);
    }
    else
    {
        // NOTE(review): CombinedHash is presumably the pre-TLS 1.2 handshake hash
        // (MD5 || SHA-1); confirm against the class definition.
        digest = new CombinedHash();
    }

    ISigner signer;
    if (hasAlgorithm)
    {
        /*
         * RFC 5246 4.7. In RSA signing, the opaque vector contains the signature generated
         * using the RSASSA-PKCS1-v1_5 signature scheme defined in [PKCS1].
         */
        signer = new RsaDigestSigner(digest, TlsUtilities.GetOidForHashAlgorithm(algorithm.Hash));
    }
    else
    {
        /*
         * RFC 5246 4.7. Note that earlier versions of TLS used a different RSA signature scheme
         * that did not include a DigestInfo encoding.
         */
        signer = new GenericSigner(CreateRsaImpl(), digest);
    }

    signer.Init(forSigning, cp);
    return signer;
}
/// <summary>
/// Maps a <c>THashAlgorithm</c> value to a new digest instance.
/// </summary>
/// <param name="hashAlgorithm">Hash algorithm identifier to resolve.</param>
/// <returns>
/// A fresh digest for the given identifier, or <c>null</c> when the value is not one of
/// the cases handled here. Callers must check for null before using the result.
/// </returns>
/// <remarks>
/// MD5 and SHA-1 are still accepted here. Both are considered too weak for new
/// signatures, so any policy that refuses them has to be enforced by the caller.
/// <c>None</c> yields a NullDigest (presumably a pass-through; confirm against the class).
/// </remarks>
private IDigest GetDigest(THashAlgorithm hashAlgorithm)
{
    switch (hashAlgorithm)
    {
        case THashAlgorithm.None:
            return new NullDigest();
        case THashAlgorithm.MD5:
            return new MD5Digest();
        case THashAlgorithm.SHA1:
            return new Sha1Digest();
        case THashAlgorithm.SHA224:
            return new Sha224Digest();
        case THashAlgorithm.SHA256:
            return new Sha256Digest();
        case THashAlgorithm.SHA384:
            return new Sha384Digest();
        case THashAlgorithm.SHA512:
            return new Sha512Digest();
        default:
            // Unknown identifier: signalled with null rather than an exception.
            return null;
    }
}
/// <summary>
/// Creates an uninitialised signer for the named signature algorithm.
/// </summary>
/// <remarks>
/// The name is upper-cased with the invariant culture and looked up in the
/// <c>algorithms</c> alias table (declared outside this method). If the table has no
/// entry, the upper-cased name itself is used as the mechanism. Mechanism matching is
/// an exact, case-sensitive string comparison, so the mixed-case mechanism names below
/// can only be reached through the alias table.
///
/// The name alone selects the digest and padding scheme. Several mechanisms use digests
/// that are no longer considered collision resistant (MD2, MD4, MD5, SHA-1), and the
/// "RSA" and "NONEwith..." mechanisms use a NullDigest. Code that accepts the algorithm
/// name from an untrusted source (a certificate, a protocol message, configuration)
/// should check it against an allow-list before calling this method.
/// </remarks>
/// <param name="algorithm">Algorithm name or alias; must not be null.</param>
/// <returns>A new signer on which Init has not yet been called.</returns>
/// <exception cref="ArgumentNullException"><paramref name="algorithm"/> is null.</exception>
/// <exception cref="SecurityUtilityException">The name does not resolve to a known mechanism.</exception>
public static ISigner GetSigner(string algorithm)
{
    if (algorithm == null)
    {
        throw new ArgumentNullException("algorithm");
    }

    string upperName = algorithm.ToUpper(CultureInfo.InvariantCulture);
    string aliased = (string) algorithms[upperName];
    string mechanism = aliased != null ? aliased : upperName;

    switch (mechanism)
    {
        // RSA with digest-based signing (RsaDigestSigner)
        case "RSA":
            return new RsaDigestSigner(new NullDigest());
        case "MD2withRSA":
            return new RsaDigestSigner(new MD2Digest());
        case "MD4withRSA":
            return new RsaDigestSigner(new MD4Digest());
        case "MD5withRSA":
            return new RsaDigestSigner(new MD5Digest());
        case "SHA-1withRSA":
            return new RsaDigestSigner(new Sha1Digest());
        case "SHA-224withRSA":
            return new RsaDigestSigner(new Sha224Digest());
        case "SHA-256withRSA":
            return new RsaDigestSigner(new Sha256Digest());
        case "SHA-384withRSA":
            return new RsaDigestSigner(new Sha384Digest());
        case "SHA-512withRSA":
            return new RsaDigestSigner(new Sha512Digest());
        case "RIPEMD128withRSA":
            return new RsaDigestSigner(new RipeMD128Digest());
        case "RIPEMD160withRSA":
            return new RsaDigestSigner(new RipeMD160Digest());
        case "RIPEMD256withRSA":
            return new RsaDigestSigner(new RipeMD256Digest());

        // RSA-PSS
        case "RAWRSASSA-PSS":
        {
            // TODO Add support for other parameter settings
            // The content is not hashed here (NullDigest); MGF1 runs over SHA-1 and the
            // salt length equals the SHA-1 digest size.
            IDigest rawContent = new NullDigest();
            IDigest mgf1Hash = new Sha1Digest();
            int saltLength = mgf1Hash.GetDigestSize();
            return new PssSigner(new RsaBlindedEngine(), rawContent, mgf1Hash, saltLength,
                PssSigner.TrailerImplicit);
        }
        case "PSSwithRSA":
            // TODO The Sha1Digest here is a default. In JCE version, the actual digest
            // to be used can be overridden by subsequent parameter settings.
            return new PssSigner(new RsaBlindedEngine(), new Sha1Digest());
        case "SHA-1withRSAandMGF1":
            return new PssSigner(new RsaBlindedEngine(), new Sha1Digest());
        case "SHA-224withRSAandMGF1":
            return new PssSigner(new RsaBlindedEngine(), new Sha224Digest());
        case "SHA-256withRSAandMGF1":
            return new PssSigner(new RsaBlindedEngine(), new Sha256Digest());
        case "SHA-384withRSAandMGF1":
            return new PssSigner(new RsaBlindedEngine(), new Sha384Digest());
        case "SHA-512withRSAandMGF1":
            return new PssSigner(new RsaBlindedEngine(), new Sha512Digest());

        // DSA
        case "NONEwithDSA":
            return new DsaDigestSigner(new DsaSigner(), new NullDigest());
        case "SHA-1withDSA":
            return new DsaDigestSigner(new DsaSigner(), new Sha1Digest());
        case "SHA-224withDSA":
            return new DsaDigestSigner(new DsaSigner(), new Sha224Digest());
        case "SHA-256withDSA":
            return new DsaDigestSigner(new DsaSigner(), new Sha256Digest());
        case "SHA-384withDSA":
            return new DsaDigestSigner(new DsaSigner(), new Sha384Digest());
        case "SHA-512withDSA":
            return new DsaDigestSigner(new DsaSigner(), new Sha512Digest());

        // ECDSA
        case "NONEwithECDSA":
            return new DsaDigestSigner(new ECDsaSigner(), new NullDigest());
        case "SHA-1withECDSA":
            return new DsaDigestSigner(new ECDsaSigner(), new Sha1Digest());
        case "SHA-224withECDSA":
            return new DsaDigestSigner(new ECDsaSigner(), new Sha224Digest());
        case "SHA-256withECDSA":
            return new DsaDigestSigner(new ECDsaSigner(), new Sha256Digest());
        case "SHA-384withECDSA":
            return new DsaDigestSigner(new ECDsaSigner(), new Sha384Digest());
        case "SHA-512withECDSA":
            return new DsaDigestSigner(new ECDsaSigner(), new Sha512Digest());
        case "RIPEMD160withECDSA":
            return new DsaDigestSigner(new ECDsaSigner(), new RipeMD160Digest());

        // EC-NR
        case "SHA1WITHECNR":
            return new DsaDigestSigner(new ECNRSigner(), new Sha1Digest());
        case "SHA224WITHECNR":
            return new DsaDigestSigner(new ECNRSigner(), new Sha224Digest());
        case "SHA256WITHECNR":
            return new DsaDigestSigner(new ECNRSigner(), new Sha256Digest());
        case "SHA384WITHECNR":
            return new DsaDigestSigner(new ECNRSigner(), new Sha384Digest());
        case "SHA512WITHECNR":
            return new DsaDigestSigner(new ECNRSigner(), new Sha512Digest());

        // GOST
        case "GOST3410":
            return new Gost3410DigestSigner(new Gost3410Signer(), new Gost3411Digest());
        case "ECGOST3410":
            return new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411Digest());

        // RSA with ISO 9796-2
        // NOTE(review): the trailing 'true' presumably selects the implicit trailer;
        // confirm against Iso9796d2Signer.
        case "SHA1WITHRSA/ISO9796-2":
            return new Iso9796d2Signer(new RsaBlindedEngine(), new Sha1Digest(), true);
        case "MD5WITHRSA/ISO9796-2":
            return new Iso9796d2Signer(new RsaBlindedEngine(), new MD5Digest(), true);
        case "RIPEMD160WITHRSA/ISO9796-2":
            return new Iso9796d2Signer(new RsaBlindedEngine(), new RipeMD160Digest(), true);
    }

    // The message reports the upper-cased form of the requested name.
    throw new SecurityUtilityException("Signer " + upperName + " not recognised.");
}