using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Bsi; using Org.BouncyCastle.Asn1.CryptoPro; using Org.BouncyCastle.Asn1.EdEC; using Org.BouncyCastle.Asn1.GM; using Org.BouncyCastle.Asn1.Nist; using Org.BouncyCastle.Asn1.Oiw; using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Asn1.Rosstandart; using Org.BouncyCastle.Asn1.TeleTrust; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Asn1.X9; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Utilities.Collections; using System; using System.Collections.Generic; namespace Org.BouncyCastle.Crypto.Operators { internal class X509Utilities { private static readonly Dictionary<string, DerObjectIdentifier> Algorithms; private static readonly Dictionary<string, Asn1Encodable> ExParams; private static readonly Dictionary<DerObjectIdentifier, AlgorithmIdentifier> NoParams; static X509Utilities() { Algorithms = new Dictionary<string, DerObjectIdentifier>(StringComparer.OrdinalIgnoreCase); ExParams = new Dictionary<string, Asn1Encodable>(StringComparer.OrdinalIgnoreCase); NoParams = new Dictionary<DerObjectIdentifier, AlgorithmIdentifier>(); Algorithms.Add("MD2WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD2WithRsaEncryption); Algorithms.Add("MD2WITHRSA", PkcsObjectIdentifiers.MD2WithRsaEncryption); Algorithms.Add("MD5WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD5WithRsaEncryption); Algorithms.Add("MD5WITHRSA", PkcsObjectIdentifiers.MD5WithRsaEncryption); Algorithms.Add("SHA1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption); Algorithms.Add("SHA-1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption); Algorithms.Add("SHA1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption); Algorithms.Add("SHA-1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption); Algorithms.Add("SHA224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption); Algorithms.Add("SHA-224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption); Algorithms.Add("SHA224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption); Algorithms.Add("SHA-224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption); Algorithms.Add("SHA256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption); Algorithms.Add("SHA-256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption); Algorithms.Add("SHA256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption); Algorithms.Add("SHA-256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption); Algorithms.Add("SHA384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption); Algorithms.Add("SHA-384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption); Algorithms.Add("SHA384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption); Algorithms.Add("SHA-384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption); Algorithms.Add("SHA512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption); Algorithms.Add("SHA-512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption); Algorithms.Add("SHA512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption); Algorithms.Add("SHA-512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption); Algorithms.Add("SHA512(224)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); Algorithms.Add("SHA-512(224)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); Algorithms.Add("SHA512(224)WITHRSA", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); Algorithms.Add("SHA-512(224)WITHRSA", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); Algorithms.Add("SHA512(256)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); Algorithms.Add("SHA-512(256)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); Algorithms.Add("SHA512(256)WITHRSA", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); Algorithms.Add("SHA-512(256)WITHRSA", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); Algorithms.Add("SHA3-224WITHRSAENCRYPTION", NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224); Algorithms.Add("SHA3-256WITHRSAENCRYPTION", NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256); Algorithms.Add("SHA3-384WITHRSAENCRYPTION", NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384); Algorithms.Add("SHA3-512WITHRSAENCRYPTION", NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512); Algorithms.Add("SHA3-224WITHRSA", NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224); Algorithms.Add("SHA3-256WITHRSA", NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256); Algorithms.Add("SHA3-384WITHRSA", NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384); Algorithms.Add("SHA3-512WITHRSA", NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512); Algorithms.Add("SHA1WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); Algorithms.Add("SHA224WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); Algorithms.Add("SHA256WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); Algorithms.Add("SHA384WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); Algorithms.Add("SHA512WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); Algorithms.Add("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); Algorithms.Add("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); Algorithms.Add("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); Algorithms.Add("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); Algorithms.Add("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); Algorithms.Add("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); Algorithms.Add("SHA1WITHDSA", X9ObjectIdentifiers.IdDsaWithSha1); Algorithms.Add("DSAWITHSHA1", X9ObjectIdentifiers.IdDsaWithSha1); Algorithms.Add("SHA224WITHDSA", NistObjectIdentifiers.DsaWithSha224); Algorithms.Add("SHA256WITHDSA", NistObjectIdentifiers.DsaWithSha256); Algorithms.Add("SHA384WITHDSA", NistObjectIdentifiers.DsaWithSha384); Algorithms.Add("SHA512WITHDSA", NistObjectIdentifiers.DsaWithSha512); Algorithms.Add("SHA1WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha1); Algorithms.Add("ECDSAWITHSHA1", X9ObjectIdentifiers.ECDsaWithSha1); Algorithms.Add("SHA224WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha224); Algorithms.Add("SHA256WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha256); Algorithms.Add("SHA384WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha384); Algorithms.Add("SHA512WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha512); Algorithms.Add("SHA1withPLAIN-ECDSA", BsiObjectIdentifiers.ecdsa_plain_SHA1); Algorithms.Add("SHA224withPLAIN-ECDSA", BsiObjectIdentifiers.ecdsa_plain_SHA224); Algorithms.Add("SHA256withPLAIN-ECDSA", BsiObjectIdentifiers.ecdsa_plain_SHA256); Algorithms.Add("SHA384withPLAIN-ECDSA", BsiObjectIdentifiers.ecdsa_plain_SHA384); Algorithms.Add("SHA512withPLAIN-ECDSA", BsiObjectIdentifiers.ecdsa_plain_SHA512); Algorithms.Add("RIPEMD160withPLAIN-ECDSA", BsiObjectIdentifiers.ecdsa_plain_RIPEMD160); Algorithms.Add("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); Algorithms.Add("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); Algorithms.Add("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); Algorithms.Add("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); Algorithms.Add("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); Algorithms.Add("GOST3411-2012-256WITHECGOST3410", RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256); Algorithms.Add("GOST3411-2012-256WITHECGOST3410-2012-256", RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256); Algorithms.Add("GOST3411-2012-512WITHECGOST3410", RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512); Algorithms.Add("GOST3411-2012-512WITHECGOST3410-2012-512", RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512); Algorithms.Add("SHAKE128WITHRSAPSS", X509ObjectIdentifiers.id_RSASSA_PSS_SHAKE128); Algorithms.Add("SHAKE256WITHRSAPSS", X509ObjectIdentifiers.id_RSASSA_PSS_SHAKE256); Algorithms.Add("SHAKE128WITHRSASSA-PSS", X509ObjectIdentifiers.id_RSASSA_PSS_SHAKE128); Algorithms.Add("SHAKE256WITHRSASSA-PSS", X509ObjectIdentifiers.id_RSASSA_PSS_SHAKE256); Algorithms.Add("SHAKE128WITHECDSA", X509ObjectIdentifiers.id_ecdsa_with_shake128); Algorithms.Add("SHAKE256WITHECDSA", X509ObjectIdentifiers.id_ecdsa_with_shake256); AddNoParams(X9ObjectIdentifiers.IdDsaWithSha1); AddNoParams(OiwObjectIdentifiers.DsaWithSha1); AddNoParams(NistObjectIdentifiers.DsaWithSha224); AddNoParams(NistObjectIdentifiers.DsaWithSha256); AddNoParams(NistObjectIdentifiers.DsaWithSha384); AddNoParams(NistObjectIdentifiers.DsaWithSha512); AddNoParams(X9ObjectIdentifiers.ECDsaWithSha1); AddNoParams(X9ObjectIdentifiers.ECDsaWithSha224); AddNoParams(X9ObjectIdentifiers.ECDsaWithSha256); AddNoParams(X9ObjectIdentifiers.ECDsaWithSha384); AddNoParams(X9ObjectIdentifiers.ECDsaWithSha512); AddNoParams(BsiObjectIdentifiers.ecdsa_plain_SHA224); AddNoParams(BsiObjectIdentifiers.ecdsa_plain_SHA256); AddNoParams(BsiObjectIdentifiers.ecdsa_plain_SHA384); AddNoParams(BsiObjectIdentifiers.ecdsa_plain_SHA512); AddNoParams(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); AddNoParams(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); AddNoParams(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256); AddNoParams(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512); AddNoParams(X509ObjectIdentifiers.id_RSASSA_PSS_SHAKE128); AddNoParams(X509ObjectIdentifiers.id_RSASSA_PSS_SHAKE256); AddNoParams(X509ObjectIdentifiers.id_ecdsa_with_shake128); AddNoParams(X509ObjectIdentifiers.id_ecdsa_with_shake256); AlgorithmIdentifier digAlgID = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance); ExParams.Add("SHA1WITHRSAANDMGF1", CreatePssParams(digAlgID, 20)); AlgorithmIdentifier digAlgID2 = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance); ExParams.Add("SHA224WITHRSAANDMGF1", CreatePssParams(digAlgID2, 28)); AlgorithmIdentifier digAlgID3 = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance); ExParams.Add("SHA256WITHRSAANDMGF1", CreatePssParams(digAlgID3, 32)); AlgorithmIdentifier digAlgID4 = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance); ExParams.Add("SHA384WITHRSAANDMGF1", CreatePssParams(digAlgID4, 48)); AlgorithmIdentifier digAlgID5 = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance); ExParams.Add("SHA512WITHRSAANDMGF1", CreatePssParams(digAlgID5, 64)); AddAlgorithm("SHA3-224WITHDSA", NistObjectIdentifiers.IdDsaWithSha3_224, true); AddAlgorithm("SHA3-256WITHDSA", NistObjectIdentifiers.IdDsaWithSha3_256, true); AddAlgorithm("SHA3-384WITHDSA", NistObjectIdentifiers.IdDsaWithSha3_384, true); AddAlgorithm("SHA3-512WITHDSA", NistObjectIdentifiers.IdDsaWithSha3_512, true); AddAlgorithm("SHA3-224WITHECDSA", NistObjectIdentifiers.IdEcdsaWithSha3_224, true); AddAlgorithm("SHA3-256WITHECDSA", NistObjectIdentifiers.IdEcdsaWithSha3_256, true); AddAlgorithm("SHA3-384WITHECDSA", NistObjectIdentifiers.IdEcdsaWithSha3_384, true); AddAlgorithm("SHA3-512WITHECDSA", NistObjectIdentifiers.IdEcdsaWithSha3_512, true); AddAlgorithm("SHA3-224WITHPLAIN-ECDSA", BsiObjectIdentifiers.ecdsa_plain_SHA3_224, true); AddAlgorithm("SHA3-256WITHPLAIN-ECDSA", BsiObjectIdentifiers.ecdsa_plain_SHA3_256, true); AddAlgorithm("SHA3-384WITHPLAIN-ECDSA", BsiObjectIdentifiers.ecdsa_plain_SHA3_384, true); AddAlgorithm("SHA3-512WITHPLAIN-ECDSA", BsiObjectIdentifiers.ecdsa_plain_SHA3_512, true); AddAlgorithm("SHA256WITHSM2", GMObjectIdentifiers.sm2sign_with_sha256, true); AddAlgorithm("SM3WITHSM2", GMObjectIdentifiers.sm2sign_with_sm3, true); AddAlgorithm("Ed25519", EdECObjectIdentifiers.id_Ed25519, true); AddAlgorithm("Ed448", EdECObjectIdentifiers.id_Ed448, true); foreach (MLDsaParameters value in MLDsaParameters.ByName.Values) { AddAlgorithm(value.Name, value.Oid, true); } foreach (SlhDsaParameters value2 in SlhDsaParameters.ByName.Values) { AddAlgorithm(value2.Name, value2.Oid, true); } } private static void AddAlgorithm(string name, DerObjectIdentifier oid, bool isNoParams) { if (name == null) throw new ArgumentNullException("name"); if (oid == null) throw new ArgumentNullException("oid"); Algorithms.Add(name, oid); if (isNoParams) AddNoParams(oid); } private static void AddNoParams(DerObjectIdentifier oid) { NoParams.Add(oid, new AlgorithmIdentifier(oid)); } private static RsassaPssParameters CreatePssParams(AlgorithmIdentifier digAlgID, int saltSize) { return new RsassaPssParameters(digAlgID, new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, digAlgID), new DerInteger(saltSize), DerInteger.One); } internal static DerObjectIdentifier GetSigOid(string sigName) { if (Algorithms.TryGetValue(sigName, out DerObjectIdentifier value)) return value; return new DerObjectIdentifier(sigName); } internal static AlgorithmIdentifier GetSigAlgID(string algorithmName) { DerObjectIdentifier sigOid = GetSigOid(algorithmName); if (NoParams.TryGetValue(sigOid, out AlgorithmIdentifier value)) return value; if (ExParams.TryGetValue(algorithmName, out Asn1Encodable value2)) return new AlgorithmIdentifier(sigOid, value2); return new AlgorithmIdentifier(sigOid, DerNull.Instance); } internal static IEnumerable<string> GetSigNames() { return CollectionUtilities.Proxy(Algorithms.Keys); } } }