using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Digests; using Org.BouncyCastle.Crypto.Encodings; using Org.BouncyCastle.Crypto.Engines; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Crypto.Signers; using System; namespace Org.BouncyCastle.Tls.Crypto.Impl.BC { public class BcTlsRsaSigner : BcTlsSigner { [Obsolete("Use constructor without 'publicKey' parameter instead")] public BcTlsRsaSigner(BcTlsCrypto crypto, RsaKeyParameters privateKey, RsaKeyParameters publicKey) : this(crypto, privateKey) { } public BcTlsRsaSigner(BcTlsCrypto crypto, RsaKeyParameters privateKey) : base(crypto, privateKey) { } public override byte[] GenerateRawSignature(SignatureAndHashAlgorithm algorithm, byte[] hash) { IDigest digest = new NullDigest(); ISigner signer; if (algorithm != null) { if (algorithm.Signature != 1) throw new InvalidOperationException("Invalid algorithm: " + algorithm?.ToString()); signer = new RsaDigestSigner(digest, TlsUtilities.GetOidForHashAlgorithm(algorithm.Hash)); } else signer = new GenericSigner(new Pkcs1Encoding(new RsaBlindedEngine()), digest); signer.Init(true, new ParametersWithRandom(m_privateKey, m_crypto.SecureRandom)); signer.BlockUpdate(hash, 0, hash.Length); try { return signer.GenerateSignature(); } catch (CryptoException alertCause) { throw new TlsFatalAlert(80, alertCause); } } } }