Skip to content

Commit

Permalink
merge from master
Browse files Browse the repository at this point in the history
  • Loading branch information
Oren Novotny committed Jan 25, 2019
2 parents dbb7351 + a7a5659 commit ba3b6a8
Show file tree
Hide file tree
Showing 41 changed files with 1,565 additions and 312 deletions.
7 changes: 7 additions & 0 deletions crypto/Readme.html
Original file line number Diff line number Diff line change
Expand Up @@ -296,6 +296,13 @@ <h3><a class="mozTocH3" name="mozTocId358608"></a>For first time users.</h3>
<hr style="WIDTH: 100%; HEIGHT: 2px">
<h3><a class="mozTocH3" name="mozTocId3413"></a>Notes:</h3>

<h4><a class="mozTocH4" name="mozTocId85318"></a>Release 1.8.5, 2019</h4>
<h5>Additional Features and Functionality</h5>
<ul>
<li>Supported added for encoding and decoding of GOST3410-2012 keys</li>
<li>Basic support added for CMP (RFC 4210) and CRMF (RFC 4211), including the PKI archive control.</li>
</ul>

<h4><a class="mozTocH4" name="mozTocId85318"></a>Release 1.8.4, Saturday October 27, 2018</h4>

<h5>IMPORTANT</h5>
Expand Down
2 changes: 2 additions & 0 deletions crypto/src/asn1/misc/MiscObjectIdentifiers.cs
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,8 @@ public abstract class MiscObjectIdentifiers
public static readonly string Entrust = "1.2.840.113533.7";
public static readonly DerObjectIdentifier EntrustVersionExtension = new DerObjectIdentifier(Entrust + ".65.0");

public static readonly DerObjectIdentifier cast5CBC = new DerObjectIdentifier(Entrust+ ".66.10");

//
// Ascom
//
Expand Down
3 changes: 2 additions & 1 deletion crypto/src/asn1/pkcs/PKCSObjectIdentifiers.cs
Original file line number Diff line number Diff line change
Expand Up @@ -62,8 +62,9 @@ public abstract class PkcsObjectIdentifiers

public static readonly DerObjectIdentifier DesEde3Cbc = new DerObjectIdentifier(EncryptionAlgorithm + ".7");
public static readonly DerObjectIdentifier RC2Cbc = new DerObjectIdentifier(EncryptionAlgorithm + ".2");
public static readonly DerObjectIdentifier rc4 = new DerObjectIdentifier(EncryptionAlgorithm + ".4");

//
//
// object identifiers for digests
//
public const string DigestAlgorithm = "1.2.840.113549.2";
Expand Down
39 changes: 39 additions & 0 deletions crypto/src/cmp/RevocationDetails.cs
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
using Org.BouncyCastle.Asn1.Cmp;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Math;

namespace Org.BouncyCastle.Cmp
{
public class RevocationDetails
{
private RevDetails revDetails;

public RevocationDetails(RevDetails revDetails)
{
this.revDetails = revDetails;
}

public X509Name Subject
{
get { return revDetails.CertDetails.Subject; }
}

public X509Name Issuer
{
get { return revDetails.CertDetails.Issuer; }
}

public BigInteger SerialNumber
{
get
{
return revDetails.CertDetails.SerialNumber.Value; // getCertDetails().getSerialNumber().getValue();
}
}

public RevDetails ToASN1Structure()
{
return revDetails;
}
}
}
58 changes: 58 additions & 0 deletions crypto/src/cmp/RevocationDetailsBuilder.cs
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cmp;
using Org.BouncyCastle.Asn1.Crmf;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Math;

namespace Org.BouncyCastle.Cmp
{
public class RevocationDetailsBuilder
{
private readonly CertTemplateBuilder _templateBuilder = new CertTemplateBuilder();

public RevocationDetailsBuilder SetPublicKey(SubjectPublicKeyInfo publicKey)
{
if (publicKey != null)
{
_templateBuilder.SetPublicKey(publicKey);
}

return this;
}

public RevocationDetailsBuilder SetIssuer(X509Name issuer)
{
if (issuer != null)
{
_templateBuilder.SetIssuer(issuer);
}

return this;
}

public RevocationDetailsBuilder SetSerialNumber(BigInteger serialNumber)
{
if (serialNumber != null)
{
_templateBuilder.SetSerialNumber(new DerInteger(serialNumber));
}

return this;
}

public RevocationDetailsBuilder SetSubject(X509Name subject)
{
if (subject != null)
{
_templateBuilder.SetSubject(subject);
}

return this;
}

public RevocationDetails build()
{
return new RevocationDetails(new RevDetails(_templateBuilder.Build()));
}
}
}
71 changes: 70 additions & 1 deletion crypto/src/cms/CMSEnvelopedDataGenerator.cs
Original file line number Diff line number Diff line change
Expand Up @@ -144,7 +144,7 @@ public CmsEnvelopedData Generate(
try
{
CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid);

keyGen.Init(new KeyGenerationParameters(rand, keyGen.DefaultStrength));

return Generate(content, encryptionOid, keyGen);
Expand All @@ -155,6 +155,75 @@ public CmsEnvelopedData Generate(
}
}


public CmsEnvelopedData Generate(CmsProcessable content, ICipherBuilderWithKey cipherBuilder)
{
AlgorithmIdentifier encAlgId = null;
KeyParameter encKey;
Asn1OctetString encContent;

try
{
encKey = (KeyParameter) cipherBuilder.Key;

MemoryStream collector = new MemoryStream();
Stream bOut = cipherBuilder.BuildCipher(collector).Stream;
content.Write(bOut);
Platform.Dispose(bOut);
encContent = new BerOctetString(collector.ToArray());
}
catch (SecurityUtilityException e)
{
throw new CmsException("couldn't create cipher.", e);
}
catch (InvalidKeyException e)
{
throw new CmsException("key invalid in message.", e);
}
catch (IOException e)
{
throw new CmsException("exception decoding algorithm parameters.", e);
}


Asn1EncodableVector recipientInfos = new Asn1EncodableVector();

foreach (RecipientInfoGenerator rig in recipientInfoGenerators)
{
try
{
recipientInfos.Add(rig.Generate(encKey, rand));
}
catch (InvalidKeyException e)
{
throw new CmsException("key inappropriate for algorithm.", e);
}
catch (GeneralSecurityException e)
{
throw new CmsException("error making encrypted content.", e);
}
}

EncryptedContentInfo eci = new EncryptedContentInfo(
CmsObjectIdentifiers.Data,
(AlgorithmIdentifier) cipherBuilder.AlgorithmDetails,
encContent);

Asn1Set unprotectedAttrSet = null;
if (unprotectedAttributeGenerator != null)
{
Asn1.Cms.AttributeTable attrTable = unprotectedAttributeGenerator.GetAttributes(Platform.CreateHashtable());

unprotectedAttrSet = new BerSet(attrTable.ToAsn1EncodableVector());
}

ContentInfo contentInfo = new ContentInfo(
CmsObjectIdentifiers.EnvelopedData,
new EnvelopedData(null, new DerSet(recipientInfos), eci, unprotectedAttrSet));

return new CmsEnvelopedData(contentInfo);
}

/// <summary>Generate an enveloped object that contains an CMS Enveloped Data object.</summary>
public CmsEnvelopedData Generate(
CmsProcessable content,
Expand Down
10 changes: 10 additions & 0 deletions crypto/src/cms/CMSEnvelopedGenerator.cs
Original file line number Diff line number Diff line change
Expand Up @@ -263,6 +263,16 @@ public void AddKeyAgreementRecipients(
recipientInfoGenerators.Add(karig);
}

/// <summary>
/// Add a generator to produce the recipient info required.
/// </summary>
/// <param name="recipientInfoGenerator">a generator of a recipient info object.</param>
public void AddRecipientInfoGenerator(RecipientInfoGenerator recipientInfoGenerator)
{
recipientInfoGenerators.Add(recipientInfoGenerator);
}


protected internal virtual AlgorithmIdentifier GetAlgorithmIdentifier(
string encryptionOid,
KeyParameter encKey,
Expand Down
17 changes: 16 additions & 1 deletion crypto/src/cms/CMSProcessableByteArray.cs
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
using System;
using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cms;

namespace Org.BouncyCastle.Cms
{
Expand All @@ -9,13 +11,26 @@ namespace Org.BouncyCastle.Cms
public class CmsProcessableByteArray
: CmsProcessable, CmsReadable
{
private readonly DerObjectIdentifier type;
private readonly byte[] bytes;

public CmsProcessableByteArray(byte[] bytes)
{
{
type = CmsObjectIdentifiers.Data;
this.bytes = bytes;
}

public CmsProcessableByteArray(DerObjectIdentifier type, byte[] bytes)
{
this.bytes = bytes;
this.type = type;
}

public DerObjectIdentifier Type
{
get { return type; }
}

public virtual Stream GetInputStream()
{
return new MemoryStream(bytes, false);
Expand Down
123 changes: 123 additions & 0 deletions crypto/src/cms/EnvelopedDataHelper.cs
Original file line number Diff line number Diff line change
@@ -0,0 +1,123 @@
using System.Collections;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Nist;
using Org.BouncyCastle.Asn1.Oiw;
using Org.BouncyCastle.Asn1.Pkcs;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Digests;
using Org.BouncyCastle.Crypto.Engines;
using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Crypto.Utilities;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Crypto.Utilites;

namespace Org.BouncyCastle.Cms
{
internal class EnvelopedDataHelper
{
private static readonly IDictionary BaseCipherNames = Platform.CreateHashtable();
private static readonly IDictionary MacAlgNames = Platform.CreateHashtable();

private static readonly IDictionary prfs = Platform.CreateHashtable();


public delegate IDigest DigestCreator();

static EnvelopedDataHelper()
{
prfs.Add(PkcsObjectIdentifiers.IdHmacWithSha1, new DigestProvider(delegate () { return new Sha1Digest(); }));
prfs.Add(PkcsObjectIdentifiers.IdHmacWithSha224, new DigestProvider(delegate () { return new Sha224Digest(); }));
prfs.Add(PkcsObjectIdentifiers.IdHmacWithSha256, new DigestProvider(delegate () { return new Sha256Digest(); }));
prfs.Add(PkcsObjectIdentifiers.IdHmacWithSha384, new DigestProvider(delegate () { return new Sha384Digest(); }));
prfs.Add(PkcsObjectIdentifiers.IdHmacWithSha512, new DigestProvider(delegate () { return new Sha512Digest(); }));


BaseCipherNames.Add(PkcsObjectIdentifiers.DesEde3Cbc, "DESEDE");
BaseCipherNames.Add(NistObjectIdentifiers.IdAes128Cbc, "AES");
BaseCipherNames.Add(NistObjectIdentifiers.IdAes192Cbc, "AES");
BaseCipherNames.Add(NistObjectIdentifiers.IdAes256Cbc, "AES");

MacAlgNames.Add(PkcsObjectIdentifiers.DesEde3Cbc, "DESEDEMac");
MacAlgNames.Add(NistObjectIdentifiers.IdAes128Cbc, "AESMac");
MacAlgNames.Add(NistObjectIdentifiers.IdAes192Cbc, "AESMac");
MacAlgNames.Add(NistObjectIdentifiers.IdAes256Cbc, "AESMac");
MacAlgNames.Add(PkcsObjectIdentifiers.RC2Cbc, "RC2Mac");
}

static IDigest GetPrf(AlgorithmIdentifier algID)
{
return ((DigestCreator)prfs[algID]).Invoke();
}


static IWrapper CreateRFC3211Wrapper(DerObjectIdentifier algorithm)

{
if (NistObjectIdentifiers.IdAes128Cbc.Equals(algorithm)
|| NistObjectIdentifiers.IdAes192Cbc.Equals(algorithm)
|| NistObjectIdentifiers.IdAes256Cbc.Equals(algorithm))
{
return new Rfc3211WrapEngine(new AesEngine());
}
else if (PkcsObjectIdentifiers.DesEde3Cbc.Equals(algorithm))
{
return new Rfc3211WrapEngine(new DesEdeEngine());
}
else if (OiwObjectIdentifiers.DesCbc.Equals(algorithm))
{
return new Rfc3211WrapEngine(new DesEngine());
}
else if (PkcsObjectIdentifiers.RC2Cbc.Equals(algorithm))
{
return new Rfc3211WrapEngine(new RC2Engine());
}
else
{
throw new CmsException("cannot recognise wrapper: " + algorithm);
}
}



public static object CreateContentCipher(bool forEncryption, ICipherParameters encKey,
AlgorithmIdentifier encryptionAlgID)

{
return CipherFactory.CreateContentCipher(forEncryption, encKey, encryptionAlgID);
}


public AlgorithmIdentifier GenerateEncryptionAlgID(DerObjectIdentifier encryptionOID, KeyParameter encKey, SecureRandom random)
{
return AlgorithmIdentifierFactory.GenerateEncryptionAlgID(encryptionOID, encKey.GetKey().Length * 8, random);
}

public CipherKeyGenerator CreateKeyGenerator(DerObjectIdentifier algorithm, SecureRandom random)

{
return CipherKeyGeneratorFactory.CreateKeyGenerator(algorithm, random);
}


}

// This exists because we can't directly put a delegate in a map as it is
// not an object.
internal class DigestProvider
{
private readonly EnvelopedDataHelper.DigestCreator creator;

public DigestProvider(EnvelopedDataHelper.DigestCreator creator)
{
this.creator = creator;
}

public IDigest Create()
{
return creator.Invoke();
}
}
}
Loading

0 comments on commit ba3b6a8

Please sign in to comment.